This message was deleted.

Oh right, I couldn't find SAML in the settings in Network. Do I need an active enterprise sub to see it? We're building a B2B Saas application where customers can login with their own IDPs. We're enterprise facing so a lot of them require authentication with SAML. We're currently using Auth0 for this but looking at alternatives.

Hey @loud-terabyte-95831 - replacing Auth0 is the a big reason why people switch to Ory. We’re happy to help and have experience with this. We have SAML working internally, for the open source PR that is unfortunately quite stale and buggy. We’re providing this feature at the moment to select customers because SAML use cases can vary. I’m the founder and CTO of Ory and wrote a lot of the software, would you be up for jumping on a call so that we better understand the context and see how we can solve your problems?

I'll DM you if that works 🙂

Hey @high-optician-2097, I'm very surprised on your feedback on https://github.com/ory/kratos/pull/2653. Why do you consider our pull request is "stale and buggy"? Regarding the stale state, we have been waiting your review for months, so we have priorized one other subject but we continue to want to implement it. Regarding the buggy state. I have seen some technical feedbacks (and thanks again for that) but no bugs found. Why don't consider to leverage on it?

Sorry @steep-scientist-70493 I should have chosen my words more carefully. The PR is a good step in the right direction but there is still a lot of work ahead. See also my review from https://github.com/ory/kratos/pull/2653#pullrequestreview-1374706979 The code as is in the PR has several panics and incorrect code paths. As it stands today I can’t get it through security review. We are now exploring whether there are easier solutions to this problem because it’s a hot feature but also work left to be done before this can go to production systems

I confirm this feature is really asked by a lot of people. That's why we decided few months ago to develop it when it was not a priority for you ;) As I see in the PR, we need just few hours to fix the majority of issues (force HTTPS usage, change errors to panic...). The "most complex" should see the three "thread safe" report you did, where i think we have few days of work, and probably a discussion around the "traits" usage. Maybe I'm wrong but I have the feeling it could be ready soon. Do you share my estimation or i'm wrong somewhere?

I agree! For us it is more work because we need to first understand what it works. I also found a bug during login. It needs tests also 🙂 Plus, the mapping of the SAML to profile data is not working properly as far as I can tell

Good question, I was not hands-on in this implementation but didn't see this kind of feedbacks on the PR. Can we continue this discussion on github to have the full team that's check your bugs? (Log in twice is a bug never seen on our side for instance)

Ok, I will need to spend some time on replicating the login bug. I left all the feedback above on the PR already 🙂

@steep-scientist-70493 hello Vincent. You have some great work and feedback. It’s not unusual that a PR this large takes time and needs testing. @high-optician-2097 is just on the West Coast in customer meetings this week and next. Can I perhaps Organise a meeting in CET time with product management on both sides and pu a plan together. I think we can move this ahead before Aeneas is back. Please email me you meeting request

Hello @swift-chef-97535, We don't have any issue to get delay to have a review. But I was surprised in the beginning of this discussion to understand you consider our PR is "stale". We iterate each time after your review in order to deliver the best quality as possible I'm not sure organizing a meeting will help here. What we need, together, is to continue to work on the PR to be able to release SAML in Ory. I think Github is the best place for this. On our side, team is working currently on another subject but don't hesitate to take our work to accelerate your developments. I cannot give any commitment on when we will be able to take in charge your feedbacks, but code is public 🙂

Ok I will read over the issue again and propose a way to finish. “Stale” issues and PRs are bot decisions based on activity. So don’t worry about that