Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] appflowy not work with authentik #1096

Open
anschein opened this issue Dec 21, 2024 · 0 comments
Open

[Bug] appflowy not work with authentik #1096

anschein opened this issue Dec 21, 2024 · 0 comments
Assignees

Comments

@anschein
Copy link

I'm trying to use authentik as a saml provider, authentik is a third party open source authentication system that works well with my other services, I also checked the saml output endpoints of authentik and it is able to generate the xml metadata correctly, but I'm populating the metadata address into appflowy The following error is thrown when adding the saml provider:

2024-12-21T04:17:40Z INF component=api error=400: HTTP 406 error fetching SAML Metadata from URL 'https://example.com/api/v3/providers/saml/8/ metadata/' method=POST msg=400: HTTP 406 error fetching SAML Metadata from URL 'https://example.com/api/v3/providers/saml/8/metadata/' path=/ admin/sso/providers referer=appflowy-flutter:// remote_addr=172.30.0.10 request_id=ad452403-acaf-48f0-9897-962aa9343cbd

The xml output of the authentik endpoint is as follows:

{"metadata":"<md:EntityDescriptor xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#\" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#\" ID="_19222da8cefbc5daf734bef3c753f512a48a21b0581f1dd6778fa7dd43e1d57d" entityID="authentik"><md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://example.com/application/saml/appflowy/slo/binding/redirect/\"/><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.com/application/saml/appflowy/slo/binding/post/\"/>md:NameIDFormaturn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>md:NameIDFormaturn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>md:NameIDFormaturn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>md:NameIDFormaturn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://example.com/application/saml/appflowy/sso/binding/redirect/\"/><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.com/application/saml/appflowy/sso/binding/post/\"/></md:IDPSSODescriptor></md:EntityDescriptor>"}

@khorshuheng khorshuheng self-assigned this Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants