Hi,
I'm trying to configure SAML AWS Cognito authentication with my Zabbix 6.0.20
I copied from Federated identity provider sign-in the certificate and saved on zabbix server in: /etc/ldap/ssl/idp.crt
I updated the /usr/share/zabbix/conf/zabbix.conf.php file as below:
In Zabbix GUII Enabled SAML authentication with these parameters:
How can I enable JIT provisioning?
When I try to login, I click on Sign in with Single Sign-On (SAML) and I redirect correctly to the Cognito authentication.
But after login I recieve the error:
Could someone can help me to fix it, please?
I'm trying to configure SAML AWS Cognito authentication with my Zabbix 6.0.20
I copied from Federated identity provider sign-in the certificate and saved on zabbix server in: /etc/ldap/ssl/idp.crt
I updated the /usr/share/zabbix/conf/zabbix.conf.php file as below:
Code:
$SSO['SP_KEY'] = '/etc/ldap/ssl/key.pem'; $SSO['SP_CERT'] = '/etc/ldap/ssl/cert.pem'; $SSO['IDP_CERT'] = '/etc/ldap/ssl/idp.crt'; $SSO['SETTINGS'] = [];
- IdP entity ID: <User pool ID>
- SSO service URL: https://<cognito>.auth.<region>.amazoncognito.com/login?client_id=<client_id>&response_type=code&sco pe=aws.cognito.signin.user.admin+email+openid+phon e+profile&redirect_uri=https://<my_zabbix_domain>/index_sso.php?acs
- SLO service URL:
- Username attribute: userEmail
- SP entity ID: <SAML_GROUP_NAME>
- SP name ID format:
- Sign
- Messages <SELECTED>
- Assertions <SELECTED>
- AuthN requests <SELECTED>
- Logout requests <SELECTED>
- Logout responses <SELECTED>
- Encrypt
- Name ID <SELECTED>
- Assertions <SELECTED>
- Case-sensitive login <SELECTED>
How can I enable JIT provisioning?
When I try to login, I click on Sign in with Single Sign-On (SAML) and I redirect correctly to the Cognito authentication.
But after login I recieve the error:
- No permissions for system access.
- SAML Response not found, Only supported HTTP_POST Binding
Could someone can help me to fix it, please?