topic Re: Azure SSO login fails after MFA in Wireless

Azure SSO login fails after MFA

jjeffery — Wed, 25 Jan 2023 10:42:24 GMT

Hello

I've followed these two articles to set up SSO logins:

https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_SSO_with_Azure_AD

Tutorial: Azure Active Directory single sign-on (SSO) integration with Meraki Dashboard - Microsoft Entra | Microsoft Learn

After which, launching the new URL seems to work in that it asks for my account name, then my password, then asks for my Duo MFA preference (I choose 'Push'), then reacts as expected after I confirm the Duo prompt on my phone...then it errors out with this message:

Azure Sign-in logs show "Success". The Meraki Dashboard login attempts only logs our primary 'local' account logins. I don't know where else to look!

Re: Azure SSO login fails after MFA

Mark Elsen — Wed, 25 Jan 2023 12:39:00 GMT

- FYI : https://help.duo.com/s/article/5594?language=en_US

Re: Azure SSO login fails after MFA

jjeffery — Wed, 25 Jan 2023 13:14:38 GMT

@Mark Elsen While that article didn't DIRECTLY provide the solution (most of it relates to a Duo DAG, which we don't use), it did enough to lead me to the SAML login history page which showed this:

Which itself was enough to point me back to the 'App roles' blade in Azure to change the value "meraki.write" to "meraki_write", which, as you can see, is now working.

Cheers, Marce!