Taiga-okta authentication using SAML plugin gets 405 error

Hi, I have a taiga server installed using source code. I managed to get the saml-auth-contrib plugin to work for okta. So when i press “sign in with saml”, i get redirected to our okta sign in. i get authenticated fine (we’re seeing okta authentication successful). but when it return to my taiga URL, it shows 405 not allowed error

can you help me check this? As per the instruction on the plugin, most of the sp details are set automatically. But on okta side, it’s set as:

• Single Sign-On URL http://my.taiga.company.com/login?next=%252Fdiscover
• Audience Restriction http://my.taiga.company.com/login?next=%252Fdiscover
• Sign-out URL http://my.taiga.company.com/discover
  i have also enabled CORS:

CORS_ALLOW_ALL_ORIGINS = True

# Other options you might consider:
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_HEADERS = [
    'content-type',
    'authorization',
]

Im stuck on what else could be the issue

Thank you!

Hi there,

First of all, we do not use that plugin, so we probably won’t be of much help. You may try to contact the plugin author on Github, but seeing how long it has not been updated, maybe that won’t be of help either.

However, the issue is that you are trying to make a POST request to the discover page, which does not support the POST method. We do not have a Single Logout URL, so as per the Okta documentation, you should probably use the main SP URL.

Hope this helps,

Best regards!

For some reason I got this working or at least errors on the plugin are gone. but now im facing an issue on the account creation. Is taiga made to manually create the account and not based on other authentication methods? Taiga server config seems fine. Okta authentication is succesful and redirects normally. but then taiga server doesn’t recognize the credentials/account.