We setup SSO with Buzz a few months ago and it stopped working this week. Did something change on the Agilix side?
The SSO metadata file we use is: https://gls.agilix.com/saml/mycva/metadata.xml
This configuration creates a relying party trust for: https://gls.agilix.com/SAML/mycva
SAML requests from Buzz are being sent with a different identifier. Here’s an example of a decrypted SAML request:
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_328de988-cfb1-4f02-86ba-682a11465310" Version="2.0"IssueInstant="2015-12-17T17:52:42.6570782Z" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"AssertionConsumerServiceURL="https://api.agilixbuzz.com/SAML/mycva/Consumer">
<saml:Issuer>https://api.agilixbuzz.com/SAML/mycva</saml:Issuer>
</samlp:AuthnRequest>
I have confirmed this by viewing the event viewer on our server:
Comments (3)
Yes, Dennis. This was an issue that arose on 12/10. The API URL for Buzz was updated to api.agilixbuzz.com. While gls.agilix.com can still be used independently of Buzz, it would be required to update anywhere you reference the service from gls.agilix.com to api.agilixbuzz.com for Buzz integrations (i.e., SSO).
I am sorry for this frustration.
Hi Brad,
Thank you for letting me know and updating the metafile fixed the issue. I'm sure you are already aware of this, but the following support document sill has the old URL.
https://support.agilix.com/hc/en-us/articles/205819985-SSO-Configuration-Changes-pdf-only-
Thanks again,
Dennis
Thanks for pointing that out, Dennis. We'll get that URL fixed soon.