SAML configuration with Okta

Hi,

Is there any guide to setting up SuiteCRM to use SAML authentication from Okta?
I’ve tried to configure it by creating an App in Okta then configuring SAML from the SuiteCRM UI.
When I try to log in, the browser gets stuck in a redirect loop, from Okta to SuiteCRM and back again. I’ve tried to figure out what’s going on and it looks to me like SuiteCRM is trying to find a user in the database without getting the username from the SAML assertion. I see the following errors in the log:

Fri Sep 11 03:35:46 2020 [23638][-none-][FATAL] SECURITY: User authentication for  failed
Fri Sep 11 03:35:46 2020 [23638][-none-][INFO] Query:SELECT users.* FROM users  WHERE user_name = '' AND deleted=0 LIMIT 0,1
Fri Sep 11 03:35:46 2020 [23638][-none-][INFO] Query Execution Time:0.00018191337585449
Fri Sep 11 03:35:46 2020 [23638][-none-][INFO] Query:SELECT users.* FROM users  WHERE users.id = '' AND users.deleted=0 LIMIT 0,1

Can anyone provide any insights into what I’m doing wrong?

Thanks

Did you get Okta working with SuiteCRM? I’m having the same issue.

We are currently running version 7.8.0 (yes I know it’s old) and I’m trying to upgrade to 7.11.17 (that was the most recent when I started working on this). If I turn off SAML2Authentication the system works fine using the internal user/password. When I turn on SAML I get the redirection loop. SAMLAuthentication works fine on version 7.8 but it appears that this has been replaced with SAML2Authentication, which doesn’t seem to work (at least with Okta).

Thanks

Hi, don’t have it working yet. I’ve parked the problem for now and have been working on other parts of the system.
Useful to know that it’s not just my setup that is wrong. If I make any progress I will post here.

Hi M.Callow, were you able to get this working… looking for a solution here. Appreciate any help.