Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SAML administrator roles in dashboard

Warren65
New here
‎Jan 30 2024 7:07 AM
‎Jan 30 2024 7:07 AM

SAML administrator roles in dashboard

Hello

I have 2 users that are working using SSO-Google by setting them up in the SAML section of the dashboard. I attempted to add another user the same way and I am getting and error when the user attempts to login.  I checked the SAML login history with the dashboard and the log event states: "Assertion contains no role" for that user even though this user is setup exactly like my other 2.

Any ideas would be greatly appreciated.

Thanks

Warren65

 

 

 

0 Kudos
Subscribe
4 Replies 4
kYutobi
Kind of a big deal
‎Jan 30 2024 7:09 AM
‎Jan 30 2024 7:09 AM

the value of the roles match?

 

https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_S...

 

The Value of the role you configure in the Azure Portal must match the Role you configure in the Meraki dashboard.

Enthusiast
Subscribe
FeliA
Meraki Employee
Meraki Employee
‎Jan 30 2024 8:15 AM
‎Jan 30 2024 8:15 AM

Hello @Warren65,

 

As kYutobi mentioned, please ensure that the value of the roles match. 
The "Assertion contains no role" error is reported when the role assertion is either completely missing in the POST or when the role assertion name is invalid.

For the user that is experiencing the error, you can click on their login event and click Full XML to view the assertion information.

An example of viewing and verifying the assertion passed in the XML is provided in the following SAML Login History Events documentation:
https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/SAML_Login_History...

Best,
Feli

Subscribe
Warren65
New here
‎Jan 30 2024 12:46 PM
‎Jan 30 2024 12:46 PM

Hello

Thank you everyone. I looked at the full XML and compared it to the 2 accounts that are working and I did notice it is missing the role name. Now I am confused....Any ideas on how to fix this? I have the user that is not working in the same Google domain and group (role).

Thanks again

Warren65

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 30 2024 2:39 PM
‎Jan 30 2024 2:39 PM

I don't know the answer.

 

This article seems to talk about how to configure the role (step 10).

https://schoolinfoapp.zohodesk.com/portal/en/kb/articles/configure-saml-based-single-sign-on-using-a... 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.