snipe-it SAML AZURE

Debug mode

[X] I have enabled debug mode
[X] I have read checked the Common Issues page

Describe the bug

When i tried to connect with my Azure credentials, i have this error message : AADSTS50011: The reply URL 'http://assets.xxx.fr/public/saml/acs' specified in the request does not match the reply URLs configured for the application 'https://assets.xxx.fr/public'. Make sure the reply URL sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/urlMismatchError to learn more about how to fix this

Reproduction steps

Configure SAML On Azure through App registration and App Enterprise
Configure SAML on SNIPE-IT
Add Groups to connect to App Enterprise
Connect with Azure Credentials
Stay Sign-in
Error ...

Expected behavior

In Azure i cannot put http for a reply URL However, Snipe-it asks me to do it

Screenshots

Capture d'écran 2024-04-30 075259

Snipe-IT Version

v6.3.0 build 12490 (g9136415bb)

Operating System

Windows Server 2022

Web Server

Apache

PHP Version

8.1.27

Operating System

Windows 11

Browser

Edge and Firefox

Version

Firefox : 125.0.2 / Edge 124.0.2478.67

Device

No response

Operating System

No response

Browser

No response

Version

No response

Error messages

No response

Additional context

Snipe-IT installed with WAMP

Apr 30 '24 05:04 emorvan1987

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

Apr 30 '24 05:04 welcome[bot]

You have to use https for saml to work.

Apr 30 '24 16:04 knd775

@knd775 Of course i have to use https. Unfortunately, I set https on Azure but snipeIT responds with http.

The request http is set on SnipeIT.

Thank you Regards

May 01 '24 05:05 emorvan1987

You have to use https on your Snipe-IT install then, and make sure the APP_URL is https, not http

May 01 '24 12:05 snipe

Hi @snipe ,

Thank you for your answer. So if i understand well, i need to reinstall SnipeIT or can i change it in a conf file ?

Thank you Regards

May 01 '24 12:05 emorvan1987

Hello,

Could you please tell me if you have any ideas to help me about this issue ?

Thank you Reagrds

May 13 '24 07:05 emorvan1987

You don't need to reinstall. Just change the URL to https wherever you have it configured.

May 13 '24 17:05 knd775

Hello @knd775

Thank you for your reply.

So if i understand well, i need to change the APP_URL with https. However, in my env file, the APP_URL is already on https.

Is it another file where APP_URL is set ?

Thank you Regards

May 14 '24 05:05 emorvan1987

Sorry, but I'm not able to help much beyond that. I run the application in Docker, so how it's configured works a bit differently.

May 14 '24 13:05 knd775

Hello @knd775,

Thank you for your time and your replies.

I hope someone else can help me about it.

May 15 '24 08:05 emorvan1987

Is it another file where APP_URL is set ?

No, it's only set in the .env.

Make sure the URL you're using in Azure for the Snipe-IT endpoint is also https

May 16 '24 21:05 snipe

Hi @snipe,

Thank you for your reply.

Yes in Azure, in app registrations and app enterprise i put https for redirect URL, front-channel logout URL, Application ID URL, SingInURL, identifierURLS.

Thank you for your time to reply me. If you have any others ideas to fix this issue, i will take it ;)

May 17 '24 09:05 emorvan1987

Hello,

Any ideas to help me ? If you need more comprehension we can do a teams meeting

Thank you Regards

May 22 '24 09:05 emorvan1987

Hello

Just to inform you, i tried to reimport XML file and on Azure the reply in https, on Snipe IT the Assertion Consumer Service (ACS) URL is on HTTP

Thank you

May 27 '24 08:05 emorvan1987