Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi
We are implementing SSO in qliksense with IDAM of Microfocus. We have created the virtual proxy as required and uploaded the IDP metadata and shared the SP metadata with the IDAM.
But whenever we are trying to log in to qliksense through our SSo, then it's not opening the page rather it's showing error 'Unable to complete request at this time. (Request was from an untrusted provider-95241285D8958F10)'. After discussing the same with IDAM team they are saying that Qliksense is not supporting SP initiated SSO, it's working on IDP initiated SSO.
Is there any case that qliksense doesn't support SP initiated SSO?
We are using Qliksense Nov 2021 version.
Please guide.
Hello @manish_2991
That is SAML authentication, right?
Qlik Sense DOES support SP-initiated SSO.
From the error message, "Request was from an untrusted provider-95241285D8958F10" it rather looks like IDAM fails to validate the signature on the SAML AuthnRequest, maybe because it's using a self-signed certificate ?
You can replace your certificate by a certificate of your choice if you wish:
But keep in mind that it needs to have the cryptographic provider Microsoft Enhanced RSA and AES Cryptographic Provider if you wish to use SHA-256
Hope that helps.
Best regards,
Hi Damien
Thanks for your revert.
On further investigating the issue we discovered that there was some issue at IDAM end only. They were not able to read the SP metadata properly. Now it's working with Self signed certificate only.
But now when we are trying with third party wildcard certificate we are getting issue in IDAM. Whenever they import the SP metadata having the wildcard certificate details they are unable to upload and it gives the attached error. Also when they try to import the certificates directly from IDAM by connecting Qliksense server (using IP& port - 100.0.0.100:443)it shows an error that Root certificate is not found on the server. (attached screenshot of the same).
Please guide what could be the issue?
Hello @manish_2991
Was that certificate generated by a public Certificate authority such as VeriSign or similar, or generated by yourself?
Based on the error, it looks you would need to import the Certificate authority certificate of that certificate to IDAM so that it can trust it.
Best regards,
any documentation or steps on how to Integration with Oracle IDAM(SSO configuration) @Damien_V