Sudheer Kumar

Reputation: 31

Django SAML Auth giving error as Sorry, you are not allowed to access this app

I am trying to integrate SSO authentication using grafana-django-saml2-auth.

My SAML_AUTH file looks like below:

SAML2_AUTH = {
    'METADATA_LOCAL_FILE_PATH': os.path.join(BASE_DIR, 'ssometadata.xml'),

    'DEBUG': False,  # Send debug information to a log file

    # Optional settings below
    'DEFAULT_NEXT_URL': 'XXX/SearchScreen/',  # Custom target redirect URL after the user gets logged in. Defaults to /admin if not set. This setting will be overwritten if you have parameter ?next= specified in the login URL.
    'CREATE_USER': True,  # Create a new Django user when a new user logs in. Defaults to True.
    'NEW_USER_PROFILE': {
        'USER_GROUPS': ["user"],  # The default group name when a new user logs in
        'ACTIVE_STATUS': True,  # The default active status for new users
        'STAFF_STATUS': False,  # The staff status for new users
        'SUPERUSER_STATUS': False,  # The superuser status for new users
    },

    'ASSERTION_URL': 'http://127.0.0.1:8000/',  # Custom URL to validate incoming SAML requests against
    'ENTITY_ID': 'http://127.0.0.1:8000/saml2_auth/acs/',  # Populates the Issuer element in authn request
    'USE_JWT': False,  # Set this to True if you are running a Single Page Application (SPA) with Django Rest Framework (DRF), and are using JWT authentication to authorize client users
}

When I access the application, I get the error below:

Sorry, you are not allowed to access this app To report a problem with your access please contact your system administrator

Error code: 1106

Reason: There was an error processing your request.

Can someone please help with how to fix this?

Thanks,

Upvotes: 2

Views: 1706

Answers (2)

Richard Scholtens

Reputation: 1023

You have the following django_saml2_auth error:

NO_REVERSE_MATCH = 1106

Error References

Probably referring to the Django error:

NoReverseMatch

Check all URLs if they exist and/or are accessible.

Upvotes: 0

gustavo_ek

Reputation: 31

I had the same issue. The problem was that the entity ID in the settings.py file was different from the one I provided in my IdP configuration (I am using Azure AD, but this error could happen in Okta or another provider as well).

Also check if the user has permission to access the DEFAULT_NEXT_URL page.

Upvotes: 1
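
The entity ID mismatch described in the answer above can be confirmed by inspecting a captured SAMLResponse from the browser's network tab. This is an added example, not part of the original thread or the library's own code; `find_mismatches` is a hypothetical helper, the sample response is constructed, and it only compares identifiers without verifying signatures.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: an IdP whose audience was set to the site root
# while the SP's ENTITY_ID is the ACS URL from the question's settings.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="http://127.0.0.1:8000/saml2_auth/acs/">
  <saml:Assertion>
    <saml:Subject><saml:SubjectConfirmation>
      <saml:SubjectConfirmationData Recipient="http://127.0.0.1:8000/saml2_auth/acs/"/>
    </saml:SubjectConfirmation></saml:Subject>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>http://127.0.0.1:8000/</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())


def find_mismatches(saml_response_b64, entity_id, acs_url):
    """Compare identifiers in a captured SAMLResponse with the SP settings.

    Diagnostic only: no signature or time-window validation is performed.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    problems = []
    audiences = [(a.text or "").strip() for a in
                 root.iterfind(".//saml:AudienceRestriction/saml:Audience", NS)]
    # SAML entity IDs are compared as exact strings (a trailing slash matters).
    if entity_id not in audiences:
        problems.append(f"ENTITY_ID {entity_id!r} not in Audience {audiences!r}")
    destination = root.get("Destination")
    if destination is not None and destination != acs_url:
        problems.append(f"Destination {destination!r} != ACS URL {acs_url!r}")
    for scd in root.iterfind(".//saml:SubjectConfirmationData", NS):
        recipient = scd.get("Recipient")
        if recipient is not None and recipient != acs_url:
            problems.append(f"Recipient {recipient!r} != ACS URL {acs_url!r}")
    return problems


if __name__ == "__main__":
    acs = "http://127.0.0.1:8000/saml2_auth/acs/"
    for line in find_mismatches(SAMPLE_B64, entity_id=acs, acs_url=acs):
        print(line)
```

Any line it reports points at a value to align between `SAML2_AUTH` in settings.py and the application registration on the IdP side.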
