How can I hide the "Username" and "Password" from Ansible Automation Platfrom login page and just have SAML login visible for the users?
Environment
- Ansible Automation Platfrom 2.x
Issue
- Ansible Automation Platform is set up for Okta/SAML login. You can hide or unwind "Username" and "Password" from the application frontend page and just have SAML login visible for the users.
Resolution
- You can set up transparent SAML login to bypass the username and password screen using the following steps:
-
Set the RelayState on the IdP to the key of the IdP definition in the SAML Enabled Identity Providers field.
-
Specify the redirect URL for non-logged-in users to somewhere other than the default controller login page by using the Login redirect override URL field in the Miscellaneous Authentication settings window of the Settings menu, accessible from the left navigation bar. This should be set to /sso/login/saml/?idp=
for transparent SAML login.
Settings -> Miscellaneous Authentication -> Login redirect override URL -> set to /sso/login/saml/?idp=<name-of-your-idp>
- After transparent SAML login is configured, to log in using local credentials or a different SSO, go directly to
https://<your-aap-server>/login. This provides the standard controller login page, including SSO authentication buttons, and allows you to log in with any configured method.
Note : The above is a sample of a typical IdP format, but may not be the correct format for your particular case. You may need to reach out to your IdP for the correct transparent redirect URL as that URL is not the same for all IdPs.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments