TFD
ThoughtSpot For Developers•3w ago
Jack

SAML Embedding error

Hi Guys, I'm just trying to get my application running with single sign on. I need it to seamlessly navigate to a liveboard within our react app but it seems to be producing some errors and redirecting to the sign in page. I have attached a screen recording of what happens when logging into the application along with the snippet of code I have and HAR files. I have also attached a screenshot of the security settings. Please let me know if you need any more information. Also should I be using EmbeddedSSO method or SAMLRedirect? Any help is much appreciated. Thanks, Jack.
No description
No description

saml_embed_benefex-d...

6 Replies
Jack
JackOP•3w ago
it's worth noting as well if i'm already signed in on a seperate tab with an open session it works fine. This particular case was incognito. But same error appears if i log out of the thoughtspot instance
shikharTS
shikharTS•3w ago
Hey can you remove the HAR file from here? Might contain sensitive info and this is a public forum Have you followed all the steps given here? https://developers.thoughtspot.com/docs/saml-sso. I can see the error is 
{
    "code": 10000,
    "incident_id_guid": "50071682-8afd-4844-9adb-9f4a0d6c533a",
    "trace_id_guid": "6183611a-d391-4818-8851-4f56a0e18469",
    "debug": "[\"Target URL domain localhost invalid or not whitelisted benefex-dev.thoughtspot.cloud:443.\"]"
}
{
    "code": 10000,
    "incident_id_guid": "50071682-8afd-4844-9adb-9f4a0d6c533a",
    "trace_id_guid": "6183611a-d391-4818-8851-4f56a0e18469",
    "debug": "[\"Target URL domain localhost invalid or not whitelisted benefex-dev.thoughtspot.cloud:443.\"]"
}
I see in the SS SAML redirect domain is empty. You might need to add localhost there..
Jack
JackOP•3w ago
is there anything that stops me updating that? my user is an admin and whenever i try to apply i change, it says saved succesfully then does not update the value
shikharTS
shikharTS•3w ago
I don't think so. If it doesn't update the value, might be a config needs to be turned on.. Can you create a TS support case for this? The support team should be able to help you here. We are checking internally if localhost is even allowed in redirect or not. I might be due to https validation not working for localhost as being the reason. If required we might update the flag in the BE to make this work. @Vivek.Mishra1 should be able to provide you updates on the support ticket..
Jack
JackOP•2w ago
thanks for the update, should i still raise a support case for the config setting or will vivek let me know? 🙂 thanks
Vivek.Mishra1
Vivek.Mishra1•2w ago
I will reach out @Jack via support case

Did you find this page helpful?