The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Asana general instructions are at https://asana.com/guide/help/premium/premium-organizations#gl-saml.  Unfortunately, their manual config instructions are an outdated google doc with screenshots of how to configure ADFS.  Here's the info you need for Shibboleth:

 

  1. EntityID is https://app.asana.com
  2. Send the user's email address as the NameID using 
    urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

  3. Asana does not support encrypting assertions or responses – don't try it

  4. In Asana, configure the HTTP-Redirect URL as the sign-on URL

 

Here's metadata for Asana since they don't provide any.

 

SP Metadata
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://app.asana.com">
        <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
                <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
                <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://app.asana.com/-/saml/consume" index="0"/>
        </md:SPSSODescriptor>
</md:EntityDescriptor>

 

 

  • No labels