- Used Zammad version: 6.3.1
- Used Zammad installation type: Helm Chart in RKE2 Cluster
- Operating system: Ubuntu22.04
- Browser + version: Edge, Firefox, Chromium
Hi,
this is my authenik config:
Provider:
name: zammad
ACS URL: https://zammad./auth/saml/callback
Issuer : https://zammad./auth/saml/metadata
Service Provider Binding : Post
Audience: https://zammad./auth/saml/metadata
Signing Certificate: ------------------
Verification Certificate: ------------------
Property mappings: Zammad SAML-Zuordnung: email and Zammad SAML-Zuordnung: name
NameID Property Mapping: Zammad SAML-Zuordnung: name
Application:
Name: Zammad
Slug: zammad
Provider: zammad
Launch URL: https://zammad.
Property Mappings:
Zammad SAML-Zuordnung: email
SAML Attribute Name: email
Friendly Name:
Expression: return request.user.email
Zammad SAML-Zuordnung: name
SAML Attribute Name: name
Friendly Name:
Expression: return request.user.name
Zammad Settings:
DISPLAY NAME: Authentik
IDP SSO TARGET URL: https://authentik./application/saml/zammad/sso/binding/init
IDP SINGLE LOGOUT TARGET URL: https://zammad.<my.domain>/auth/saml/slo
IDP CERTIFICATE: ----BEGIN CERTIFICATE---- …
IDP CERTIFICATE FINGERPRINT: empty
NAME IDENTIFIER FORMAT: empty
UID ATTRIBUTE NAME:
SSL VERIFICATION: no
SIGNING & ENCRYPTING: no
YOUR CALLBACK URL: (i can’t change that) http://localhost:61520/auth/saml/callback
When I try to log in from Zammad via Authentik, I am redirected to Authentik, log in there and then am redirected back to Zammad.
There I get a window with the message:
422: The change you wanted was rejected.
Message from saml: invalid_ticket
Do I have an error in my config?
Thank you very much in advance for the help!!
Daniel