SAML authenitcation with Azure AD guidance

Posit Professional & Hosted Products
1

C

Error: Unable to initialize authentication provider saml: could not load IdP metadata from https://login.microsoftonline.com/guid/federationmetadata/2007-06/federationmetadata.xml?appid=guid: no IdPs were found that support NameIDFormat urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
IdPs were found that support NameIDFormat urn:oasis:names:tc:SAML:1.1:nameid-format:

I am using the following setting in Azure AD for name ID format.
Please advise
image

2

Hi @vanand !

Thanks for reaching out! Note that for more direct / professional support, you can submit a support ticket to support@rstudio.com

In the meantime, using the Azure AD metadata directly is unfortunately not supported in RStudio Connect 1.7.2 , because Azure does not specify the name ID format. As a result, you need to specify metadata manually. We have resolved this issue for the coming general availability (GA) release of RStudio Connect SAML integration.

If you need more help specifying the metadata manually, feel free to comment here or open a support ticket. You should be specifying the following for IdP configuration in the rstudio-connect.gcfg file:

IdPEntityId = 
IdPSingleSignOnServiceURL =
IdPSigningCertificate =

Sorry for the trouble! Please let us know if you have additional questions!

3

An alternate / more thorough explanation that might be helpful:

Thanks for trying our beta support for SAML!

In Azure, under the Single Sign-on options for the Enterprise Application you have created for RStudio Connect look for the following information:

  • Certificate (Base64) - Download this file and save it on the host where Connect is running.
  • Login URL
  • Azure Identifier

You're going to use this information to configure the following settings in RStudio Connect under the [SAML] section of the rstudio-connect.gcfg file:

  • IdPSigningCertificate ​- path to the certificate file downloaded on the host where Connect is running.
  • IdPSingleSignOnServiceURL
  • IdPEntityID

Once these are configured, just restart RStudio Connect.

Assuming you have mapped in Connect the SAML attributes correctly to the claims in your Azure Enterprise App, you should be all set.

4

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

If you have a query related to it or one of the replies, start a new topic and refer back with a link.