Administrative local login when SAML is enabled
-
Hi, when setting up SAML authentication to an external IdP (Google Workspace), what is the URL to log in with U/P administratively? SAML is not yet working properly but normal avenues to authenticate push through the SAML workflow. How do I log in to be able to correct the configuration?
-
@jbradford I am looking for a SAML bypass URL format -or is there no foot-gun protection and if the IdP is not quite right or if it goes offline or needs to be rebuilt, the only correction is nuke/pave FusionAuth?
Thanks
-
@jbradford assuming you mean you have a SAML IdP configured for the FusionAuth app and you are using a domain configuration that would require you to login through the external SAML IdP?
If that is correct, and the SAML config is incorrect so that you are unable to login, you can disable this IdP for the FusionAuth app, or disable the whole IdP config using the IdP API.
Then, for testing I would recommend you wait until the login path is working before you add the domain configuration which forces you to use the external IdP. Or, keep a separate admin user with a different email domain not managed by an external IdP to login into the FusionAuth console.
-
@jbradford Another option, is if you're on the login page, you can add
&showPasswordField=trueto the URL and that should render the login form with the option to add a password.Related GitHub issue: https://github.com/FusionAuth/fusionauth-issues/issues/995
