Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not Authenticating - IdentityCommand with SAML #2

Open
chkmcheek opened this issue Jul 10, 2024 · 0 comments
Open

Not Authenticating - IdentityCommand with SAML #2

chkmcheek opened this issue Jul 10, 2024 · 0 comments

Comments

@chkmcheek
Copy link

chkmcheek commented Jul 10, 2024
edited
Loading

Describe the issue
Unable to run DPA commands because it doesn't appear it's authenticating properly. Unsure if I'm just not understanding the documentation. I also noticed that not all the session properties like User, TenantId and SessionId are populating

To Reproduce
I'm following the steps provided in IdentityCommand and IdentityCommand.DPA

  1. New-IDSession using a SAML Response
  2. Connect-DPATenant
  3. Get-DPAModuleData

Expected behavior
I would expect to be able to run basic DPA commands

Screenshots & Console Output

PS C:\> $SAMLResponse = New-SAMLInteractive -loginidp https://company.okta.com/app/company_cyberark/exk22z4gm1wXIo0FB0h8/sso/saml
PS C:\> New-IDSession -tenant_url https://idtenant.id.cyberark.cloud/ -SAMLResponse $SAMLResponse
PS C:\> Get-IDSession

Name                           Value
----                           -----
tenant_url                     https://idtenant.id.cyberark.cloud
User
TenantId
SessionId
WebSession                     Microsoft.PowerShell.Commands.WebRequestSession
StartTime
ElapsedTime
LastCommand                    System.Management.Automation.InvocationInfo
LastCommandTime                7/10/2024 09:28:06
LastCommandResults             {"success":true,"Result":{"Connectors":[{"ConnectorInfo":{"Id":"b47c906e-5538-4357-aa9d-1efa...
LastError
LastErrorTime

PS C:\> Connect-DPATenant -tenant_url https://company.dpa.cyberark.cloud
PS C:\> Get-DPAModuleData

Name                           Value
----                           -----
tenant_url                     https://company.dpa.cyberark.cloud
User
TenantId
SessionId
WebSession                     Microsoft.PowerShell.Commands.WebRequestSession
StartTime
ElapsedTime
LastCommand                    System.Management.Automation.InvocationInfo
LastCommandTime                7/10/2024 09:25:53
LastCommandResults             ...
LastError
LastErrorTime


PS C:\> Get-DPAPolicy
Invoke-IDRestMethod : Authentication failed. If the issue persists, please contact your system administrator.. Authentication
token validation failed
At line:19 char:19
+         $result = Invoke-IDRestMethod -Uri $URI -Method GET
+                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: ({"code": "DPA_A...dation failed"}:ErrorRecord) [Invoke-IDRestMethod], Exception
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand,Invoke-IDRe
   stMethod
@chkmcheek chkmcheek changed the title Not Authenticating - IdcentityCommand with SAML Not Authenticating - IdentityCommand with SAML Jul 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@chkmcheek