Dashboard SSO with SAML and Azure AD - Consumer URL broken?

SOLVED
tkovac
Here to help


I've been trying to configure SAML for management login and followed Configuring SAML SSO with Azure AD - Cisco Meraki

 

Going to dashboard.meraki.com just goes to the logon page and SSO never initiates.


When I click Test from Azure it logs me in fine.

 

There are no options in Meraki Dashboard to add the Login URL, Azure AD Identifier or Logout URL from Azure.

Is anyone able to tell me what I'm missing here?

 

Thanks.

1 ACCEPTED SOLUTION
Bruce
Kind of a big deal

The issue is this statement in the document…


You can’t do a SAML login from the Service Provider (i.e. the Dashboard). You need to log in through the identity provider (IdP), and it should then redirect you to the Dashboard and pass the SAML token in the process.


7 REPLIES 7

tkovac
Here to help

Thanks @Bruce - is that the URL that Azure gives? 

When I try that I get this:

Sorry, but we’re having trouble signing you in.

 
AADSTS750054: SAMLRequest or SAMLResponse must be present as query string parameters in HTTP request for SAML Redirect binding.
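
The error above is what the IdP returns when its sign-on URL is opened with no SAML message attached. As an added example (not part of the original thread, and not Meraki's or Microsoft's code), this Python code shows what a service provider appends for the HTTP-Redirect binding and how to check a login URL for it; the tenant placeholder, the `sp.example.invalid` values and the function names are assumptions.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlparse

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def build_redirect_url(idp_sso_url, issuer, acs_url):
    """SP side: wrap a minimal AuthnRequest for the HTTP-Redirect binding."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{NS["samlp"]}" '
           f'xmlns:saml="{NS["saml"]}" ID="_{uuid.uuid4().hex}" Version="2.0" '
           f'IssueInstant="{now}" AssertionConsumerServiceURL="{acs_url}">'
           f'<saml:Issuer>{issuer}</saml:Issuer></samlp:AuthnRequest>')
    # Redirect binding encoding: raw DEFLATE (no zlib header), base64, URL-encode.
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})
    return f"{idp_sso_url}?{query}"

def inspect_sso_url(url, max_xml=65536):
    """Report whether a login URL carries a SAML message and, if so, for which SP."""
    qs = parse_qs(urlparse(url).query)
    if "SAMLRequest" not in qs and "SAMLResponse" not in qs:
        return {"has_saml_message": False}  # the condition AADSTS750054 describes
    if "SAMLRequest" not in qs:
        return {"has_saml_message": True, "kind": "SAMLResponse"}
    # Cap inflated size; for requests you did not generate, parse with defusedxml.
    inflater = zlib.decompressobj(-15)
    xml = inflater.decompress(base64.b64decode(qs["SAMLRequest"][0]), max_xml)
    if inflater.unconsumed_tail:
        raise ValueError("AuthnRequest larger than max_xml bytes")
    root = ET.fromstring(xml)
    return {"has_saml_message": True, "kind": "SAMLRequest",
            "issuer": root.findtext("saml:Issuer", namespaces=NS),
            "acs_url": root.get("AssertionConsumerServiceURL")}

if __name__ == "__main__":
    # Constructed values: tenant id, entity ID and ACS URL are placeholders.
    idp = "https://login.microsoftonline.com/TENANT-ID-PLACEHOLDER/saml2"
    print(inspect_sso_url(idp))  # bare IdP URL, nothing for the IdP to act on
    print(inspect_sso_url(build_redirect_url(
        idp, "https://sp.example.invalid/entity", "https://sp.example.invalid/acs")))
```

The decoded `issuer` is the value to compare with the Identifier (Entity ID) configured on the Azure AD enterprise application.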
 
tkovac
Here to help

I have found the full URL that Azure uses but as yet have been unable to turn this into a useable seamless link.

Thanks for the help anyway. 

DaSz
New here

You have to separately configure Service Provider-initiated SAML to do SSO from the dashboard, see https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/SP-Initiated_SAML_...

Thanks - I will check this out when I get some time and report back. 

Dudleydogg
A model citizen

I set up 2 dashboards: one works perfectly, and the other one goes through the redirect process, then just lands on the Meraki page with a dialog that says "TRUE" and never goes to the dashboard. Tests from the Azure portal are all green. Thoughts or suggestions?

C3SGInc
Getting noticed

Has anyone been able to get the SP-Initiated SAML SSO to work? I can get the test to work and then went through the guide to add SP-Initiated. I go to the URL for my subdomain and select SSO and get directed to my AAD login, complete the login, but then get an error that my application identifier was not found in the directory.

 

Any ideas?
