[SSO setup] Unable to set up SSO with Ping Identity

[rodolfoBee]

Environment

SaaS (https://sentry.io/)

Steps to Reproduce

1. Follow the steps in this guide: https://docs.sentry.io/organization/authentication/sso/ping-sso/

Expected Result

SSO to be correctly configured, in case there are any issues with the setup the UI show the reason SSO was not configured.

Actual Result

The user gets redirected back to the Auth settings page with no error message nor SSO is configured. This is an issue activating the SSO after receiving the SAMLResponse from Ping Identity.

This issue contains PII and the information is available in this internal ticket

From the logs, I can see a valid SAMLResponse sent to POST https://sentry.io/saml/acs/{ORG_SLUG/ with a 302 status code with the correct redirect to the auth page:

302 Found
location header: /settings/{ORG_SLUG}/auth/

However, SSO shows as not configured.

I was able to reproduce a similar issue when using a user with "Manager" role and solved it by promoting the user to "Owner". The affected user was promoted to "Owner" but the issue remains. The affected user does not have blocking extensions. There are no related error events in Sentry linked to the user or organisation slug.

Product Area

Settings - Auth

Link

No response

DSN

No response

Version

No response

[getsantry]

Assigning to @getsentry/support for routing ⏲️

[getsantry]

Routing to @getsentry/product-owners-settings-auth for triage ⏲️

[leedongwei]

We're investigating this.

[leedongwei]

Our PingID developer account was deleted by Ping, so I've reapplied for one.

We have received your application and strive to review all requests in a timely manner. Your application will be reviewed by the Technology Partner program team and if selected, we will contact you regarding next steps.

I can't wait to be a Ping Identity Technology Partner. I will get back to this issue as soon as we get access.

[shaunaim]

Hi, has there been any update on the issues we're facing as above?

Thanks, Shai