SAML2 Authentication Working in Chrome/Edge But Not Firefox


We have implemented the new SAML authentication method and successfully integrated with Shibboleth as our IDP, but it appears something is broken within the FireFox browser only - Edge and Chromium work just fine. Other sites attached to the IDP work fine as well, so it appears specific to PSUniversal.

Is anyone able to replicate this issue or have any suggestions?

Product: PowerShell Universal
Version: 2.3.7

I don’t use Shibboleth and we use OIDC for UD but for SAML problems my first port of call is usually to install a SAML decoder plugin into the browser and check that the SAML assertations look right. Since you have one config that works you can at least compare the 2 and see if there are differences.

Thanks @andrew.wood.wb, I just checked again and the SAML Response is the same in each browser, it appears PSUniversal isn’t sending the 303 after getting the POST to /Saml2/Acs

Also of note, I added a role-assignment logging to validate the user is being received and it is successfully applying the Admin role during login on FireFox

I’ll take a look. Thanks for opening an issue in the tracker!

1 Like