Hi.
I'm trying to setup SAML following this guide. I patched and restarted nginx but I still only get
zx path API error
when trying to access /zx/auth/samlMetadata?domain=domain.it
Zextras 3.5.0, Zimbra 9 by Zextras.
I haven't found any error in mailbox.log.
What could it be?
thanks
P.S. I think this page is outdated and should be removed.
Hello @maxxer,
Thank you for contacting us and for the suggestion regarding the documentation, we are currently reviewing it and on the meantime please allow me to share a couple articles that I hope you may find them interesting:
Zextras Suite - Added Features to Auth: https://community.zextras.com/zextras-suite-3-1-11-added-features-to-zextras-auth/
Improve the security using Zextras 2FA: https://community.zextras.com/improve-the-security-using-zextras-2fa/
On our recent experience the most common motives for this issue would be missing parameters in the server configurations, specially `zimbraAuthMech` and `zimbraWebClientLoginURL` parameters. Domain settings can also affect this scenario and we can verify it through the output of this command:
* `for dom in $(zmprov gad); do zmprov gd $dom zimbraPublicServiceProtocol zimbraPublicServiceHostname zimbraPublicServicePort zimbraAuthMech zimbraWebClientLoginURL; done`
Bellow is an command example that can be used to change the parameters mentioned:
* `zmprov md DOMAIN.TDL zimbraPublicServiceProtocol PROTOCOL zimbraPublicServiceHostname HOSTNAME zimbraPublicServicePort PORT zimbraAuthMech AUTHMECHTYPE zimbraWebClientLoginURL CLIENTLOGINPAGE`
Please remember to substitute the values according to your needs (e.g. `zmprov md example.com zimbraPublicServiceProtocol https zimbraPublicServiceHostname mail.example.com zimbraPublicServicePort 443 zimbraAuthMech custom:zx zimbraWebClientLoginURL /zx/login/page/`)
Hope that you will find this information helpful, please let us know if we can assist you further.