Ping federate with random id in the login url
Closed this issue · 2 comments
I have a login portal that generates URLs with random IDs.
When I open this URL:
https://idfs.companyxxx.com/idp/startSSO.ping?PartnerSpId=urn:amazon:webservices
it redirects to a URL like this, where `2lsjh` is a random ID it adds:
https://idfs.company.com/idp/2lsjh/resumeSAML20/idp/startSSO.ping
Any tips on how to deal with such a server? This is my current config, which is not working:
```
[default]
name = default
app_id = urn:amazon:webservices
url = https://idfs.companyxxx.com/idp/{randomId}/resumeSAML20
username = xxx
provider = Ping # not sure if this is right provider?
mfa = Auto
skip_verify = true
aws_urn = urn:amazon:webservices
aws_session_duration = 3600
aws_profile = saml
disable_remember_device = false
disable_sessions = false
download_browser_driver = false
headless = false
```
Almost there.
The server has this form:
```
<input id="passwd" type="password" name="pf.pass" class="form-control" placeholder="SecurID code ...">
```
which assumes that the user enters the code plus token as one string in the password field.
But the CLI fails with this error:
```
Unknown document type
Error authenticating to IdP.
github.com/versent/saml2aws/v2/cmd/saml2aws/commands.Login
github.com/versent/saml2aws/v2/cmd/saml2aws/commands/login.go:109
main.main
github.com/versent/saml2aws/v2/cmd/saml2aws/main.go:196
runtime.main
runtime/proc.go:271
runtime.goexit
runtime/asm_arm64.s:1222
```
I guess I need to disable MFA? I can't figure out how to do it, since PingOne requires one.
```
[default]
name = default
app_id =
url = https://idfs.companyxxx.com/idp/startSSO.ping?PartnerSpId=urn:amazon:webservices
username = xxx
provider = PingOne
mfa = None
```
Never mind, the form was actually asking to enter "next token" - everything is working nicely.
Thank you for a great product!