You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've got a SAML provider providing SSO to an external server that I use. I was running 2024.8.3 and it was working perfectly. I updated to 2024.10.0 and it killed it. I rolled back to 2024.8.3 and it started working again. I then updated to 2024.10.2 and it killed it again. Rolled back to 2024.8.3 and started working again.
I asked ChatGPT to compare the logs to see what failed and this was ChatGPT's response:
The differences between the two Authentik log files primarily lie in specific field values and timings. Here’s a summary:
1. RelayState:
• Success Log: Ends with AAP//AwA=.
• Failed Log: Ends with AAD//wMA.
2. SAMLRequest:
• Success Log: Starts with fJHBboMwDIbve....
• Failed Log: Starts with fJFLT4NAEIDv....
3. Request ID:
• Success Log: d65b7bdfcc544978a7bc265a72fc3327.
• Failed Log: a0ddb8c42b104fa6beb995248da88a36.
4. Expiration Timestamp:
• Success Log: 2025-11-16T15:58:59.140Z.
• Failed Log: 2025-11-16T15:47:37.361Z.
Commonalities:
• ASN and Geo Information: Both logs report the same ASN (14593, SpaceX-Starlink) and geo-location (Atlanta, US).
• Application and User Information: Identical fields for authorized_application (REDACTED) and user details (email, username).
Likely Cause of Failure:
Differences in RelayState, SAMLRequest, or a mismatch in timing (expiration field) may be responsible for the failed attempt. These fields are critical for session handling and validation.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I've got a SAML provider providing SSO to an external server that I use. I was running 2024.8.3 and it was working perfectly. I updated to 2024.10.0 and it killed it. I rolled back to 2024.8.3 and it started working again. I then updated to 2024.10.2 and it killed it again. Rolled back to 2024.8.3 and started working again.
I asked ChatGPT to compare the logs to see what failed and this was ChatGPT's response:
The differences between the two Authentik log files primarily lie in specific field values and timings. Here’s a summary:
1. RelayState:
• Success Log: Ends with AAP//AwA=.
• Failed Log: Ends with AAD//wMA.
2. SAMLRequest:
• Success Log: Starts with fJHBboMwDIbve....
• Failed Log: Starts with fJFLT4NAEIDv....
3. Request ID:
• Success Log: d65b7bdfcc544978a7bc265a72fc3327.
• Failed Log: a0ddb8c42b104fa6beb995248da88a36.
4. Expiration Timestamp:
• Success Log: 2025-11-16T15:58:59.140Z.
• Failed Log: 2025-11-16T15:47:37.361Z.
Commonalities:
Likely Cause of Failure:
Differences in RelayState, SAMLRequest, or a mismatch in timing (expiration field) may be responsible for the failed attempt. These fields are critical for session handling and validation.
Beta Was this translation helpful? Give feedback.
All reactions