You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a question regarding ADFS federation using Authentik as the Service Provider (SP). We have successfully set it up and it's operational. However, we are encountering a redirection issue. When attempting to access an application protected by Authentik and logging in through an external Identity Provider (IdP), we are redirected back to the Authentik applications page.
Upon further investigation, we observed that the RelayState, along with all the query parameters from our initial request, are lost between the authentication's Identification stage and the federation's Pre-authentication flow.
So, my questions are:
Why is the Pre-authentication flow necessary when establishing a federation? Since the default one is empty and we have no plans to use it, I'm uncertain why this flow is mandatory.
Is there a specific reason behind the query parameters suddenly becoming empty when reaching the federation's Pre-authentication stage?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello,
I have a question regarding ADFS federation using Authentik as the Service Provider (SP). We have successfully set it up and it's operational. However, we are encountering a redirection issue. When attempting to access an application protected by Authentik and logging in through an external Identity Provider (IdP), we are redirected back to the Authentik applications page.
Upon further investigation, we observed that the
RelayState
, along with all the query parameters from our initial request, are lost between the authentication'sIdentification
stage and the federation'sPre-authentication
flow.So, my questions are:
Why is the
Pre-authentication
flow necessary when establishing a federation? Since the default one is empty and we have no plans to use it, I'm uncertain why this flow is mandatory.Is there a specific reason behind the query parameters suddenly becoming empty when reaching the federation's
Pre-authentication
stage?Some additional infos :
Post auto
bindingBeta Was this translation helpful? Give feedback.
All reactions