Thread: Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
From
Viktor Madarasz
Date:
Hi
Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
Trying to switch IdP Provider from Onelogin ( working right now with Pgadmin4 + Webserver Authentication + Onelogin as IdP provider to Azure SAML SSO.
It looks like the mapped attributes might be the one causing the issue coming from Azure side.
The username in a form of firstname.lastname@domain.com gets parsed correctly but the actual group memberships not being passed along and therefore users being logged in with read only profiles and it does not respect their group memberships.
Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
Trying to switch IdP Provider from Onelogin ( working right now with Pgadmin4 + Webserver Authentication + Onelogin as IdP provider to Azure SAML SSO.
It looks like the mapped attributes might be the one causing the issue coming from Azure side.
The username in a form of firstname.lastname@domain.com gets parsed correctly but the actual group memberships not being passed along and therefore users being logged in with read only profiles and it does not respect their group memberships.
Regards
Viktor
Viktor
Re: Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
From
Yogesh Mahajan
Date:
Hi,
pgadmin4 only uses Azure AD for authentication. However users logged in with Azure SSO(or any OAuth2) are the normal users who have all the access other than adding new users.
Not sure what exactly you mean 'Read only profiles'? What are the limitations you have seen in pgadmin?
Thanks,
Yogesh Mahajan
EnterpriseDB
On Mon, Mar 31, 2025 at 6:26 PM Viktor Madarasz <viktor.madarasz@yahoo.com> wrote:
Hi
Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
Trying to switch IdP Provider from Onelogin ( working right now with Pgadmin4 + Webserver Authentication + Onelogin as IdP provider to Azure SAML SSO.
It looks like the mapped attributes might be the one causing the issue coming from Azure side.
The username in a form of firstname.lastname@domain.com gets parsed correctly but the actual group memberships not being passed along and therefore users being logged in with read only profiles and it does not respect their group memberships.Regards
Viktor
Re: Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
From
Khushboo Vashi
Date:
Hi,
On Mon, Mar 31, 2025 at 6:26 PM Viktor Madarasz <viktor.madarasz@yahoo.com> wrote:
Hi
Pgadmin4 Webserver Authentication + Azure SAML SSO , anyone ever managed to configure it?
As Yogesh said, Azure SSO with pgAdmin 4 OAuth2 authentication is very common, but we never tried Azure SSO with Webserver.
Please provide your pgAdmin configuration file and Azure SSO configuration so we can understand how you would like to configure it.
Please provide your pgAdmin configuration file and Azure SSO configuration so we can understand how you would like to configure it.
Thanks,
Khushboo
Trying to switch IdP Provider from Onelogin ( working right now with Pgadmin4 + Webserver Authentication + Onelogin as IdP provider to Azure SAML SSO.
It looks like the mapped attributes might be the one causing the issue coming from Azure side.
The username in a form of firstname.lastname@domain.com gets parsed correctly but the actual group memberships not being passed along and therefore users being logged in with read only profiles and it does not respect their group memberships.Regards
Viktor