Incorrect SAML2 configuration , disable SAML2 login page

On-Premise
1

Anyway to disable default SAML2 login page . Our Idp certs need to be renewed , but i am unable to go to the default login screen

I tried this. But no change.

SENTRY_FEATURES['organizations:sso'] = False
SENTRY_FEATURES.update(
    {
        feature: True
        for feature in (
            "organizations:discover",
            "organizations:events",
            "organizations:discover-basic",
            "organizations:discover-query",
            "organizations:events-v2",
            "organizations:global-views",
            "organizations:integrations-issue-basic",
            "organizations:integrations-issue-sync",
            "organizations:invite-members",
            "projects:custom-inbound-filters",
            "projects:data-forwarding",
            "projects:discard-groups",
            "projects:plugins",
            "projects:rate-limits",
            "projects:servicehooks",
        )
    }
)
2

Tried all options, here. Even set this to multi organization mode. but that dint work.

@BYK , any insiders on this? how to disable the SAML2 login. I need change the IdP cert and the URL.

3

Hi!

You can try two things:

  1. The correct feature flag is organizations:sso-saml2, try disabling that instead
  2. Use the interactive shell (docker-compose run --rm web shell) and then run the following:
    from sentry.models.authprovider import AuthProvider
AuthProvider.objects.all()
    To get the list of auth providers installed. Very likely you’ll get only one and then you can do AuthProvider.objects.all().delete() to delete all of them (or pick the SAML one using object indexing and run delete() on that only.
2 Likes
4

Awesome that worked! Thank you @BYK

1 Like
5

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.