Hello,
I am trying to set the authentication with our idP Pingfederate
I have followed the steps mentioned in the below URL to configure SAML
https://rancher.com/docs/rancher/v2.x/en/admin-settings/authentication/ping-federate/
When i finish my settings, i need to click on “authenticate with ping”
I am redirected on my IDP log on portal, and when i authenticate i am redirect to rancher with this attributes in my SAML request
<saml:Attribute Name=“displayName”
NameFormat=“urn:oasis:names:tc:SAML:2.0:attrname-format:basic”
>
<saml:AttributeValue
xsi:type=“xs:string”
>ALEXANDRE</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name=“groups”
NameFormat=“urn:oasis:names:tc:SAML:2.0:attrname-format:basic”
>
<saml:AttributeValue
xsi:type=“xs:string”
>User</saml:AttributeValue>
<saml:Attribute Name=“userName”
NameFormat=“urn:oasis:names:tc:SAML:2.0:attrname-format:basic”
>
<saml:AttributeValue
xsi:type=“xs:string”
>11111111111</saml:AttributeValue>
</saml:Attribute>
But i cannot log in rancher and i have this error message :
Logging in failed: Your account may not be authorized to log in.
There is no explanations about account rights or something else with the article : Configuring PingIdentity (SAML) on rancher website.
Is there someone who can help us to understand what is waited ?
thanks for any help