SAML-based SSO for a Ruby application.

Question

SAML-based SSO for a Ruby application.

Sig 41

Hi there,
First of all, let me point out I'm totally new to the things below so, please, forgive me if it may feel silly.

I'm trying to develop a SAML-based SSO for a Ruby application.

In my Azure Active Directory admin center, I have created an enterprise application (SAML SSO Test) and set up single sign on as below.

On the Ruby side, I'm using the ruby-saml gem (https://github.com/onelogin/ruby-saml) and I have configured it as described in the README

settings.sp_entity_id = url_base + "/saml/metadata"
settings.assertion_consumer_service_url = url_base + "/saml/acs"
settings.assertion_consumer_logout_service_url = url_base + "/saml/logout"

Where /saml/metadata returns the configuration in XML format.

Now, when I try to sign in I get the following error

What am I misisng here?
Where should I define the enitity_id in the SAML configuration on the Azure Active Directory admin center?

Siva-kumar-selvaraj 15,741 Reputation points Volunteer Moderator

2021-08-27T06:40:45.88+00:00

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,

1 answer

Your answer

Siva-kumar-selvaraj 15,741 Reputation points Volunteer Moderator

2021-08-27T06:40:45.88+00:00

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Thanks,

Answer 1

Siva-kumar-selvaraj 15,741 Volunteer Moderator

Hello @Sig ,

Thanks for reaching out.

Looking at SAML authentication request, it seems that Ruby application sending following https://localhost:3000/saml/metadata as identifier so to fix this issue, you need to replace with same value in Azure AD enterprise application as shown below. Hope this helps.

------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Sig 41 Reputation points

2021-08-26T07:44:53.903+00:00

Hi there,
Thanks for your reply.

After setting Identifier (Entity ID) as you suggested, it seems the authentication workflow works as expected.
JamesTran-MSFT 37,251 Reputation points Microsoft Employee Moderator

2021-08-30T18:29:36.913+00:00

@Sig
Thank you for following up on this and I'm glad that the solution provided helped resolve your issue!

If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.

----------

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
srikanth tanneeru 0 Reputation points

2024-05-03T18:30:45.6466667+00:00

@JamesTran-MSFT , @Siva-kumar-selvaraj "I am looking for guidance on integrating my Rails application with Office 365. Specifically, I want to federate my Rails application as an IDP and Office 365 as a service provider. I would like to ensure that when a Rails application user clicks on a link to edit a document, they are not prompted to log in to Microsoft again, since they are already logged in to the Rails application. Can you please direct me to the appropriate documentation to implement this requirement?"

Share via

SAML-based SSO for a Ruby application.

1 answer

Your answer