lyft / confidant

Confidant: your secret keeper. https://lyft.github.io/confidant

Initiating login from OneLogin (with SAML) fails

egeland opened this issue · comments

Hopefully my last hurdle with SAML...

I can log in by going to the confidant URL and hitting the Log In link - it goes to OneLogin, does its SAML magic, and I get logged in fine.

My issue is when I add the app to the OneLogin app portal.
If I click the app's icon, my browser goes to confidant, but throws up a 405 Method Not Allowed on the /v1/saml/consume URL.
From looking at the source, that route in confidant only allows POSTs, and I'm not sure why OneLogin tries to GET on that route...

Any ideas?

@egeland Could you post the full request packet from OneLogin to Confidant? Does it call the route with any additional parameters or data? Maybe we can make the route compatible with GET too, so that it works for you.

edit: It looks like the python-saml library only supports a POST to this method (https://github.com/onelogin/python-saml/blob/master/src/onelogin/saml2/auth.py#L93), which is interesting because the library is owned by OneLogin.

I'll hack in a debug log dump onto that route for GET, to see what it's trying to do.

It was due to wrong configuration in OneLogin - feel free to close this issue.