search cancel

Dx SAAS SAML Setup Issue

book

Article ID: 227793

calendar_today

Updated On:

Products

DX Application Performance Management

Issue/Introduction

SAML Setup is not authenticating for DX SAAS. We see in the log file

issuer.value mismatch: expected: urn:mycompany:S8AAASi:SAML2.0:IDP, actual: mycompany:S8AAASi:SAML2.0:IDP

After logging using the created token it would just roll back to the login screen after putting in the credentials.  

Environment

Release : 20.2

Component :

Resolution

Provided details on how to setup SAML.

Map Attributes between DXI and SAML Account

Roles, Email, First name, Last name are required.

Example role Mappings between DX APM roles and SAML groups.

{
  "roleMappings": [
    {
      "rolename": "TA",
      "anyGroups": [
        {
          "name": "ApmAdmin",
          "distinguishedName": "ApmAdmin"
        }
      ]
    },{
      "rolename": "PU",
      "anyGroups": [
        {
          "name": "ApmPower",
          "distinguishedName": "ApmPower"
        }
      ]
    },{
      "rolename": "UZ",
      "anyGroups": [
        {
          "name": "ApmRead",
          "distinguishedName": "ApmRead"
        }
      ]
    }
  ]
}