Environment
OpenEdx Version : quince
Installed by Tutor on an AWS ec2 instance.
Tried to use Okta as the IDP (SAML) and OpenEdx as the SP(SAML),
Followed the docs on
https://edx.readthedocs.io/projects/edx-installing-configuring-and-running/en/latest/configuration/tpa/tpa_integrate_open/tpa_SAML_IdP.html
https://edx.readthedocs.io/projects/edx-installing-configuring-and-running/en/latest/configuration/tpa/tpa_SAML_SP.html
https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm
After the above steps, I can see.
- Metadata is ready for the SAML IDP provider configuration
- SAML provider data is valid and successfully fetched
The problem
When I try to start the OpenEdx(SAML) app in Okta’s dashboard, starting a IDP-initiated flow, it doesn’t work. The LMS logs has the following error
lms-1 | 2024-06-04 06:53:33,368 INFO 7 [tracking] [user None] [ip 172.18.0.1] logger.py:41 - {"name": "/auth/complete/tpa-saml/", "context": {"user_id": null, "path": "/auth/complete/tpa-saml/", "course_id": "", "org_id": "", "enterprise_uuid": ""}, "username": "", "session": "", "ip": "172.18.0.1", "agent": "curl/8.5.0", "host": "openedx.aue1t.internal", "referer": "", "accept_language": "", "event": "{\"GET\": {}, \"POST\": {\"SAMLResponse\": [\"PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c2FtbDJwOlJlc3BvbnNlIERlc3RpbmF0aW9uPSJodHRwczovL29wZW5lZHguYXVlMXQuaW50ZXJuYWwvYXV0aC9jb21wbGV0ZS90cGEtc2FtbC8iIElEPSJpZDk1MDE2Nzk1NDk3ODUwMjI1NDc1NjE0IiBJc3N1ZUluc3RhbnQ9IjIwMjQtMDYtMDNUMDU6NTE6MzIuODAyWiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sMnA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIj48c2FtbDI6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wO", "time": "2024-06-04T06:53:33.368009+00:00", "event_type": "/auth/complete/tpa-saml/", "event_source": "server", "page": null}
lms-1 | 2024-06-04 06:53:33,381 ERROR 7 [common.djangoapps.third_party_auth.models] [user None] [ip 172.18.0.1] models.py:834 - No SAMLProviderData found for provider "" with entity id "" and IdP slug "". Run "manage.py saml pull" to fix or debug.
lms-1 | 2024-06-04 06:53:33,382 INFO 7 [social] [user None] [ip 172.18.0.1] middleware.py:37 - Authentication with is currently unavailable.
From the browser I can see the full SAML response data, but in logs, I can only see (first) part of the full SAML response data. I guess that might be the cause of the empty entity id in the ERROR log.
Does anyone know what might be the problem and how I can further troubleshoot on this?
Thank you.