SAML setup: zx path API error
I'm trying to setup SAML following this guide. I patched and restarted nginx but I still only get
zx path API error
when trying to access /zx/auth/samlMetadata?domain=domain.it
Zextras 3.5.0, Zimbra 9 by Zextras.
I haven't found any error in mailbox.log.
What could it be?
P.S. I think this page is outdated and should be removed.
Thank you for contacting us and for the suggestion regarding the documentation, we are currently reviewing it and on the meantime please allow me to share a couple articles that I hope you may find them interesting:
Zextras Suite - Added Features to Auth: https://community.zextras.com/zextras-suite-3-1-11-added-features-to-zextras-auth/
Improve the security using Zextras 2FA: https://community.zextras.com/improve-the-security-using-zextras-2fa/
On our recent experience the most common motives for this issue would be missing parameters in the server configurations, specially `zimbraAuthMech` and `zimbraWebClientLoginURL` parameters. Domain settings can also affect this scenario and we can verify it through the output of this command:
* `for dom in $(zmprov gad); do zmprov gd $dom zimbraPublicServiceProtocol zimbraPublicServiceHostname zimbraPublicServicePort zimbraAuthMech zimbraWebClientLoginURL; done`
Bellow is an command example that can be used to change the parameters mentioned:
* `zmprov md DOMAIN.TDL zimbraPublicServiceProtocol PROTOCOL zimbraPublicServiceHostname HOSTNAME zimbraPublicServicePort PORT zimbraAuthMech AUTHMECHTYPE zimbraWebClientLoginURL CLIENTLOGINPAGE`
Please remember to substitute the values according to your needs (e.g. `zmprov md example.com zimbraPublicServiceProtocol https zimbraPublicServiceHostname mail.example.com zimbraPublicServicePort 443 zimbraAuthMech custom:zx zimbraWebClientLoginURL /zx/login/page/`)
Hope that you will find this information helpful, please let us know if we can assist you further.