Meraki

Community

SAML auth for mobile app? Now, how do I fix my users?

RogerMurdock
Here to help
‎May 20 2021 8:12 AM
‎May 20 2021 8:12 AM

SAML auth for mobile app? Now, how do I fix my users?

After nearing completion of our Meraki wireless and camera rollout, I configured SAML authentication with our IDP in preparation for granting dashboard access for our security officer staff. The SAML config was rather painless and seems to work well. I have our security staff successfully logging into the dashboard and monitoring camera streams. The next phase is the rollout of the mobile app which is a requirement for their specific use case. 

 

After banging my head against the wall for a few hours, I now see that SSO isn't supported for the mobile app. All of my security officers have authenticated to the dashboard via SAML, I no longer have the ability to add their accounts back into the dashboard so they can authenticate via the mobile app without SAML. 

 

Error message produced: "Email has already been taken. Email is already in use by a SAML SSO user."

 

How do I revert their accounts back?

0 Kudos
4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal
‎May 20 2021 12:50 PM
‎May 20 2021 12:50 PM

Change your Idp to send something other than the email address for the username.

 

For example, if you are using Azure, change it from sending user.email to user.userprincipalname.  I do this on most customer installs as the email issue is very common - almost certainly someone using the system will have access to another Meraki org using their existing email address.

 

Meraki really should change this so that the authentication system (weather it be "Meraki" or SAML) is asserting WHO you are.  It should not matter what is doing that assertion.

PhilipDAth
Kind of a big deal
Kind of a big deal
‎May 20 2021 12:51 PM
‎May 20 2021 12:51 PM

ps.  I remember talk about SAML coming to the mobile app, but I have no idea of the timeframe on that.

0 Kudos
joe
Meraki Employee
Meraki Employee
‎Feb 7 2022 9:50 AM
‎Feb 7 2022 9:50 AM

Hey @RogerMurdock @PhilipDAth -- Private Beta signups for SAML in the mobile app are available here!

PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 7 2022 12:11 PM
‎Feb 7 2022 12:11 PM

I've done the sign-up.  I've got a number of test SAML environments I can use, which will help get the bugs out of the code.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.