Adding a second SAML provider duplicates users into the SAML configuration causing authentication failures.

Article ID: 396433

Updated On:

Products

VMware Tanzu Kubernetes Grid Integrated Edition

Issue/Introduction

Adding a second SAML provider created duplicate users in the SAML configuration, and these duplicate users caused authentication failures. In this instance, a second IDP was created for Harbor so that both TKGI and Harbor could work with the same SAML provider.

Environment

TKGI 1.22.1

UAA

SAML

Cause

In this instance, multiple SAML providers produced duplicate users, which caused authentication against group membership to fail.

Resolution

The duplicated users were deleted using the UAA API, as documented at the following links.

https://docs.cloudfoundry.org/api/uaa/version/77.30.0/index.html#delete-2

https://docs.cloudfoundry.org/api/uaa/version/77.30.0/index.html#overview
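
Before deleting anything, it helps to list which user names exist under more than one origin. The following is an added example, not part of the original article or of VMware's tooling: it takes a body shaped like a UAA `GET /Users` response, finds user names present under multiple origins, and prints the `DELETE /Users/{id}` request for each duplicate. The origin keys (`saml-tkgi`, `saml-harbor`), the sample users, the case-insensitive name match and the "keep one origin" policy are all assumptions made for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like a UAA SCIM "GET /Users" response body.
# IDs, user names and origin keys are made up for illustration.
SAMPLE_USERS_RESPONSE = json.loads("""
{"resources": [
  {"id": "11111111-aaaa", "userName": "alice@example.com", "origin": "saml-tkgi"},
  {"id": "22222222-bbbb", "userName": "alice@example.com", "origin": "saml-harbor"},
  {"id": "33333333-cccc", "userName": "bob@example.com", "origin": "saml-tkgi"},
  {"id": "44444444-dddd", "userName": "Carol@example.com", "origin": "saml-harbor"},
  {"id": "55555555-eeee", "userName": "carol@example.com", "origin": "saml-tkgi"},
  {"id": "66666666-ffff", "userName": "admin", "origin": "uaa"}
]}
""")


def find_duplicates(users_response):
    """Group users by userName (case-insensitive, an assumption) and return
    only the names that exist under more than one origin."""
    by_name = defaultdict(list)
    for user in users_response.get("resources", []):
        by_name[user["userName"].lower()].append(user)
    return {name: entries for name, entries in by_name.items()
            if len({e["origin"] for e in entries}) > 1}


def plan_deletions(users_response, keep_origin):
    """Return (deletions, skipped). A duplicate is scheduled for deletion only
    when exactly one entry exists under keep_origin; any other name is
    skipped and reported for manual review."""
    deletions, skipped = [], []
    for name, entries in sorted(find_duplicates(users_response).items()):
        keepers = [e for e in entries if e["origin"] == keep_origin]
        if len(keepers) != 1:
            skipped.append(name)
            continue
        for e in entries:
            if e["origin"] != keep_origin:
                deletions.append({"userName": e["userName"], "origin": e["origin"],
                                  "request": "DELETE /Users/" + e["id"]})
    return deletions, skipped


if __name__ == "__main__":
    planned, needs_review = plan_deletions(SAMPLE_USERS_RESPONSE, "saml-tkgi")
    for item in planned:
        print(item["request"], "#", item["userName"], "from", item["origin"])
    print("manual review:", needs_review)
```

The script only produces a plan; the requests themselves are sent to UAA with an authorized token as described in the linked API documentation.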