Juniper and SAML Authentication

Ok, I think I have it almost working. Apparently the slug for the profile has to be “default”.

I found this post (Missing metadata.xml while configuring SAML third party auth on Ironwood edx - #4 by braden) that talks about it.

I am now able to access the metadata, but the ACS URL being generated is http instead of https. Any idea on how I can change this?

Looks like I am getting a little closer, but this is partially due to the ACS being http.

Error Details:
Authentication failed: SAML login failed: [‘invalid_response’] (The response was received at http://online.example.org:8000/auth/complete/tpa-saml/ instead of http://online.example.org/auth/complete/tpa-saml/)

Studio/LMS are both running on port 443 through nginx, so not sure where the 8000 is coming from.

Added later

Just putting these here. I had to enable the following:

I set these values and it works now with any mixed content errors.

NGINX_REDIRECT_TO_HTTPS: True
NGINX_HTTPS_REDIRECT_STRATEGY: "scheme"
NGINX_SET_X_FORWARDED_HEADERS: True

Once I did this, the URLs were generated with https.

Tom
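
The mismatch in the error above, as an added example (not code from this thread, Open edX or the SAML library): a backend behind a TLS-terminating proxy rebuilds its own URL from what it sees locally unless it is told to use the proxy's forwarded headers, and the SAML destination check is a strict comparison against that URL. The WSGI-style request dict and the function names are constructed for illustration, and it assumes the proxy sends X-Forwarded-Proto and X-Forwarded-Port.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def url_seen_by_app(environ, trust_forwarded):
    """Rebuild the URL the backend believes it was reached at."""
    scheme = environ["wsgi.url_scheme"]
    port = int(environ["SERVER_PORT"])
    host = environ["HTTP_HOST"].split(":")[0]
    if trust_forwarded:
        # Only safe when the proxy overwrites these headers itself, so a
        # client-supplied value can never reach the backend.
        scheme = environ.get("HTTP_X_FORWARDED_PROTO", scheme)
        port = int(environ.get("HTTP_X_FORWARDED_PORT", port))
    netloc = host if port == DEFAULT_PORTS[scheme] else f"{host}:{port}"
    return f"{scheme}://{netloc}{environ['PATH_INFO']}"

def destination_matches(destination, received_at):
    """Strict scheme/host/port/path comparison, as in the error message."""
    a, b = urlsplit(destination), urlsplit(received_at)
    return (a.scheme, a.netloc, a.path) == (b.scheme, b.netloc, b.path)

# Constructed request as the backend sees it: plain http on port 8000,
# with the proxy's view of the client connection in the forwarded headers.
BACKEND_REQUEST = {
    "wsgi.url_scheme": "http",
    "HTTP_HOST": "online.example.org",
    "SERVER_PORT": "8000",
    "PATH_INFO": "/auth/complete/tpa-saml/",
    "HTTP_X_FORWARDED_PROTO": "https",
    "HTTP_X_FORWARDED_PORT": "443",
}

if __name__ == "__main__":
    before = url_seen_by_app(BACKEND_REQUEST, trust_forwarded=False)
    after = url_seen_by_app(BACKEND_REQUEST, trust_forwarded=True)
    # Destination the IdP used, taken from the http ACS URL in the metadata.
    print(before, destination_matches(
        "http://online.example.org/auth/complete/tpa-saml/", before))
    # Destination once the metadata advertises the https ACS URL.
    print(after, destination_matches(
        "https://online.example.org/auth/complete/tpa-saml/", after))
```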