-
Type:
Suggestion
-
Resolution: Unresolved
-
Priority:
Low
-
None
-
Affects Version/s: None
-
Component/s: None
-
None
Summary
JIRA provides the Audience URL (Entity ID) to be used in the Identity Provider. The URL is given as https://jira.atlassian.com
When configuring the Identity Provider a user may enter a trailing / at the end of the URL such as :
https://jira.atlassian.com/
When JIRA checks for a valid Audience URL it will fail because of the trailing / and the error message is not clear that the / is causing the problem.
Expected Result
JIRA should check for a trailing / and remove it to allow it as a valid Audience or display a more specific error that the Audience is not valid because of a trailing /
Actual Result
JIRA will give the following error in the logs:
Received invalid SAML response: https://jira.atlassian.com is not a valid audience for this Response
This error isn't clear because typically a URL with a trailing / will function the same as one without.
A better error message would be:
Received invalid SAML response: https://jira.atlassian.com is not a valid audience for this Response. Received SAML: https://jira.atlassian.com/ Expected SAML: https://jira.atlassian.com