UNSOLVED SAML IDP - message.State is null or empty
We are setting up Google as an SAML v2 IdP initiated identity provider, the setup is working fine, and the SAML exchange is working & authenticated into FusionAuth.
Our API gateway (dotnet) is integrated into our FusionAuth via OIDC & when it redirects, it contains the code but is missing the state parameter (which i understand happens in a SAML IdP workflow, after reading the comments on github).
The redirect back to our gateway for example is:
Our gateway throws the error:
OpenIdConnectAuthenticationHandler: message.State is null or empty.
We have tried to disable state validation (not ideal), but that does not work.
options.ProtocolValidator.RequireState = false; options.ProtocolValidator.RequireStateValidation = false;
You can see that Auth0 provides a hacky workflow in thier
Just wondering how I can get this to work? Any ideas?
dan last edited by
@tw Hmmm. Did you ever get this working?
A few thoughts:
- what version of FusionAuth are you running?
- have you turned on the debug switch and checked the event log? If so, can you share?
- This issue may be of interest: https://github.com/FusionAuth/fusionauth-issues/issues/1077