SSO to Azure Active Directory - facing error

tom_s
tom_s Partner, Registered Posts: 3 Partner
in Setup & Configuration

I am looking to setup SSO against my azure active directory.

I have AD actively syncing and users actively provisioned on the platform.

When I configure SSO and test it, I get redirected to the MS login screen, I can sign in using email and password, but I then hit the following screen and not successfully redirected to the Dataiku platform.

Struggling to find much on that MS error code. Any guidance on what might be the problem here?

Error: 'AADSTS90121: Invalid empty request.'

Screenshot 2023-12-12 192000.png

Operating system used: ubuntu (20.04)

Tagged:
· Share on FacebookShare on Twitter

Answers

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 1,914 Neuron

    What SSO protocol did you setup? Did you follow all the required steps as per the documentation?

    https://doc.dataiku.com/dss/latest/security/sso.html

    · Share on FacebookShare on Twitter
  • tom_s
    tom_s Partner, Registered Posts: 3 Partner

    @Turribeach
    - yes, I set everything up in the DSS settings and azure as per that guide.

    I am using the SAML protocol.

    · Share on FacebookShare on Twitter
  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 1,914 Neuron

    There is a "Testing SAML SSO" section. Did you follow the steps? What do the logs show?

    · Share on FacebookShare on Twitter
  • tom_s
    tom_s Partner, Registered Posts: 3 Partner
    edited July 17

    @Turribeach
    - yes, I followed those steps.

    I notices in the online documentation that Azure cloud stacks (https://doc.dataiku.com/dss/latest/installation/cloudstacks-azure/sso.html#saml) suggests a callback URL of:

    BASE_URL/api/saml-callback

    vs the general documentation which suggests:

    BASE_URL/dip/api/saml-callback

    Any view on which is correct? (I have tested both and getting the same error so doesn't feel like this is the current issue I am coming up against....)

    Backend.log doesn't tell me much:

    [2023/12/12-19:55:02.923] [qtp936219350-18] [DEBUG] [dku.tracing]  - [ct: 0] Start call: /api/get-configuration [GET] user=none
[2023/12/12-19:55:02.931] [qtp936219350-18] [DEBUG] [dku.tracing]  - [ct: 8] Done call: /api/get-configuration [GET] time=8ms user=none
[2023/12/12-19:55:02.988] [qtp936219350-15] [DEBUG] [dku.tracing]  - [ct: 0] Start call: /api/get-saml-redirect-url [POST] user=none
[2023/12/12-19:55:02.990] [qtp936219350-15] [DEBUG] [dku.tracing]  - [ct: 2] Done call: /api/get-saml-redirect-url [POST] time=2ms user=none
[2023/12/12-19:55:06.717] [pool-5-thread-1] [INFO] [dku.doctor.cacheable-kernel]  - Running kernel cache cleanup on cache manager com.dataiku.dip.analysis.ml.interactivemodel.InteractiveModelService@234d223c
[2023/12/12-19:55:06.717] [pool-5-thread-1] [INFO] [dku.doctor.cacheable-kernel]  - cleanup done
[2023/12/12-19:55:07.339] [pool-8-thread-1] [INFO] [dku.doctor.cacheable-kernel]  - Running kernel cache cleanup on cache manager com.dataiku.dip.analysis.coreservices.DataAugmentationService@3f18527a
[2023/12/12-19:55:07.339] [pool-8-thread-1] [INFO] [dku.doctor.cacheable-kernel]  - cleanup done
[2023/12/12-19:55:07.635] [Hproxy kernels expiration timer] [INFO] [dku.kernels.cluster_dependent.manager]  - Perform routine cleanup on hproxy kernels (0 kernels running)
[2023/12/12-19:55:07.635] [Hproxy kernels expiration timer] [INFO] [dku.kernels.cluster_dependent.manager]  - Found 0 idle kernels to release
[2023/12/12-19:55:08.248] [Plugin setup ui cache timer] [INFO] [dku.plugins.setup]  - Perform routine cleanup on setup sessions cache (0 sessions open)
[2023/12/12-19:55:08.272] [Scala kernels expiration timer] [INFO] [dku.kernels.cluster_dependent.manager]  - Perform routine cleanup on scala kernels (0 kernels running)
[2023/12/12-19:55:08.272] [Scala kernels expiration timer] [INFO] [dku.kernels.cluster_dependent.manager]  - Found 0 idle kernels to release
[2023/12/12-19:55:08.275] [pool-14-thread-1] [INFO] [dku.spark.history]  - cleanup cache
[2023/12/12-19:55:08.309] [jupyter-kernels-monitors-watcher-123] [DEBUG] [dku.resourceusage.jupyter]  - Updating monitoring of the local Jupyter Kernels
[2023/12/12-19:55:08.312] [jupyter-kernels-monitors-watcher-123] [INFO] [dku.jupyter]  - Active Jupyter sessions: []
[2023/12/12-19:55:09.266] [SQL query cache timer] [INFO] [dku.stream.sql]  - Perform routine cleanup on streaming sql queries cache (0 sessions open)
[2023/12/12-19:55:38.276] [pool-14-thread-1] [INFO] [dku.spark.history]  - cleanup cache
[2023/12/12-19:55:41.512] [JEK-2pfNXz1R-log-185] [INFO] [dku.jobs.kernel]  - [2023/12/12-19:55:41.512] [SQL query cache timer] [INFO] [dku.stream.sql]  - Perform routine cleanup on streaming sql queries cache (0 sessions open)

    Any guidance on how I might get more logging?

    · Share on FacebookShare on Twitter
Bookmark this topic

Categories

Setup Info
    Tags
      Help me…