1

I have a Cognito User Pool in AWS dedicated to Redash, also have Microsoft AD App in Azure connected to AWS Redash. I am trying to connect Redash with the SAML Authentication Enabled to Microsoft AD App. But for some reason, there is a missing mapper, and AD to Redash mapping is not getting successful.

So, I am trying to make a connectivity like Redash SSO → Microsoft AD App → AWS Cognito User Pool, and trying to on-board users in AD to Redash

Redash Image(Running in Kubernetes): redash/redash:8.0.2.b37747

SAML Configuration in the Redash UI
SAML Metadata URL: https://login.microsoftonline.com/yyyyyyy-yyyyyy-yyyyyy-yyyyyy/federationmetadata/2007-06/federationmetadata.xml?appid=xxxxxx-xxxxxx-xxxxxx-xxxxxxx
SAML Entity ID: urn:amazon:cognito:sp:<cognito_ARN>
SAML NameID Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

Logs of the Redash Pod running in the AWS EKS

[2022-02-01 14:23:49,651] ERROR in app: Exception on /saml/callback [POST]
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/site-packages/flask_restful/__init__.py", line 271, in error_router
return original_handler(e)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/app/redash/authentication/saml_auth.py", line 82, in idp_initiated
name = "%s %s" % (authn_response.ava['FirstName'][0], authn_response.ava['LastName'][0])
KeyError: 'FirstName'

Have gone through couple of issues already raised in this forum regarding the same but still no luck!

I’d highly appreciate if someone can help me get this fixed, thanks in advance!