Zammad version: 6.0.0
Hello, we attempted to get Zammad working with SAML with our ADFS servers; here’s a list of things we attempted to do in order to make it work:
- inputted the certificate both with and without -----BEGIN CERTIFICATE-----
- tried using both the certificate and the certificate fingerprint
- made sure the servers are all running UTC time
- restarted the server after enabling the feature
- confirmed it seems to resolve OK on the ADFS side
Error in the UI:
# 422: The change you wanted was rejected.
Message from saml: invalid_ticket
Here’s the error we get on the pod itself:
[15/Jan/2024:07:22:29 +0000] "POST /auth/saml/callback HTTP/1.1" 302 9 "https://sso.XXXXXX.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"
[15/Jan/2024:07:22:29 +0000] "GET /auth/failure?message=invalid_ticket&strategy=saml HTTP/1.1" 422 444 "https://sso.XXXXXXX.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"