Common SAML Config Workarounds: same entity ID in prod, test; hide "Logout from SAML"
1. Prod and Test have same entity ID:
When restoring backup from production instance to create a test instance, the entity ID and and the redirect URL are same as the one in the production instance and we are not able to configure SAML in the test instance.
- To change the application URL, we can modify it from Advanced Portal Settings (or Application Settings in ESM Directory) under the name Alias URL.
- For the SAML entity ID, run the following query after connecting to the database and restart SDP service for changes to take effect:
update samlsp set entity_id='<new_entity_id>';
Note: Here, for the <new_entity_id> you can even modify a single digit from the existing entity ID too.
2. Allow only "Logout":
Some organisations worry that their users unknowingly click "Logout from SAML" and this logs them out from all SAML applications. They want to log out only from SDP. To achieve this
- Leave the "Logout URL" blank during the SAML configuration. This will not show the "Logout using SAML" button.
3. Allow only SAML Logout
Some organisations want their users to directly log out from all SAML applications and they want to hide the "Log out" button and rename "Logout from SAML" button to "Log out". To achieve this, add the following Page Script.
- Go to Admin > Page Scripts and add new Page Script.
- Give an appropriate name and add the script below:
if(jQuery("a#logoutLink").length == 2) {
$CS.hideElement("a#logoutLink:eq(0)");
jQuery("a#logoutLink:eq(1)").children()[1].innerText = 'Awesome';
}
Contact support for any clarifications on any of these workarounds.
New to ADSelfService Plus?
Related Articles
Configuring SAML with ADFS
Step 1: Open the ADFS management application Step 2: Right-click Relying Party trust and choose Add Relying Party Trust. The Add Relying Party Trust Wizard opens. Step 3: Choose Claims Aware and click Start Step 4: Choose Enter data about the relying ...How to configure SAML with Azure AD
This guide will help us configure SAML for users who want to use Azure AD as their IdP and also give you insights on a few issues that you might run into while configuring SAML in an Azure Environment. In an ideal environment, customers will have an ...Configuring SAML with Azure (New)
Step 1: Open the Azure Portal--->Enterprise Applications. Step 2: Select the created Enterprise Application and get started with Set up Single Sign-On. Step 3: Edit the basic SAML Configuration. Step 4: Copy the Entity ID from SDPMSP and place the ...SAML - Login page would not reflect SAML option
Issue: In some cases, even after configuration and enabling of SAML option, it does not appear in the login page. However, if you notice in login page customization, the SAML option appears. Root cause: Check SAML - Service provider details. ...SAML | Multiple Login URLs for SAML Response
Issue: Even if SDP can be accessed with multiple URLs like internal.servicedesk.com and external.servicedesk.com, the SAML response is always received at the same URL that is configured in Alias URL. Fix: The acs_url column in the SAMLSP table can be ...