cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki SAML and deep linking

SOLVED
jdso
Conversationalist

Meraki SAML and deep linking

Hi,

 

Has anyone been able to deep link from your own application to a specific Meraki page (eg: network overview) through SAML auth?

 

I'm using AzureAD as the idP, I can see that the SAML Response is generated together with a RelayState parameter that contains the deep link to the Meraki page.

But apparently the RelayState parameter gets ignored in the login process and I'm redirected to the organisation main page. So SSO works, but the deep link does not.

 

Any thoughts? Thx

1 ACCEPTED SOLUTION

Accepted Solutions
PhilipDAth
Kind of a big deal

Re: Meraki SAML and deep linking

My experience is that the RelayState is ignored by the Meraki Dashboard.

View solution in original post

3 REPLIES 3
PhilipDAth
Kind of a big deal

Re: Meraki SAML and deep linking

That is expected behaviour, at least if you are not already authenticated with a token.

 

It might work if you click on it again (where you already have the authentication token) - don't know - never tested.

jdso
Conversationalist

Re: Meraki SAML and deep linking

Hi Philip,

 

Thanks for your input.

 

The link in my application redirects the browser to the AzureAD User Access URL, so that a SAML token is generated. AzureAD then redirects to the Meraki SAML login URL, and includes the SAML token + the Relay State parameter that contains the "deep link" to the Meraki page.

 

My expectation was that Meraki would validate the SAML token, interpret the RelayState SAML parameter and redirect me accordingly. I think this is the standard behaviour for SAML SPs.

 

Something like this (not everything applies because our scenario is idP initiated):

 

saml.png

(taken from https://developer.okta.com/docs/concepts/saml/ )

 

A second click would not work because it would repeat the process, starting in AzureAD.

But, if I paste the deep link URL (the one stored in the RelayState parameter) on the browser, then it does work because the user is already authenticated. 

 

  

PhilipDAth
Kind of a big deal

Re: Meraki SAML and deep linking

My experience is that the RelayState is ignored by the Meraki Dashboard.

View solution in original post

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.