I had a hard time with this too when setting up originally. The secret was to use the following for the callback URL (at least this worked for me):
https://<guacamole_host>/api/ext/saml/callback On Wed, Sep 8, 2021 at 1:31 PM Seth Weber <[email protected]> wrote: > Hi all, I'm new to Apache Guacamole and I'm loving it so far, but I can't > get SAML to work... > > I have the extension installed and configured with Google Workspace as our > IDP. When I visit my Guacamole interface, it redirects me to Google for > authentication (expected), but when I choose an account it redirects me to > Guacamole and Guacamole just redirects me again to the Google login page. I > suspected it's because in my guacamole.properties file the Entity ID and > Callback URL are the same, and I could see why that would make a loop, but > several comments from others said to make them the same. Regardless, the > Guacamole documentation doesn't give me any information on what the > callback URL needs to be, it just vaguely says: > >> "The URL that the IdP will use once authentication has succeeded to >> return to the Guacamole web application and provide the authentication >> details to the SAML extension. The SAML extension currently only supports >> callback as a POST operation to this callback URL. This property is >> required." > > > I cannot figure this out, I appreciate any help. :) > > -- > > > Seth Weber > Network & Systems Administrator > 271 Perkins Road > Clarion, PA 16214 > Phone: 814-297-8400 > Fax: 814-297-8801 > https://cfvna.org/ > > [image: Like] <https://www.facebook.com/ClarionForestVNA> > > [image: Clarion Forest VNA] > > *The Clarion Forest VNA is proudly ranked within the Top 500 Providers > Nationwide!* > > > > Confidentiality Statement: The information accompanying this email > transmission is intended for the use of the individual to whom it is > addressed & may contain information which is privileged, confidential & > exempt from disclosure under applicable law. If you are not the intended > recipient, employee or agent responsible for delivering the message to the > intended recipient you are hereby notified that any dissemination, > distribution or copying of this communication is strictly prohibited. If > you have received this email in error please notify us immediately by > telephone at 814-297-8400.
