We have IDP based SSO enabled in Morpheus platform, where SAML assertion data is printed in logs for every new authentication.
Enable SAML Assertion information available for usage from inside the Morpheus task. We are looking forward to making an API call from Morpheus task, while performing this request, we would like Morpheus to request along with SAML assertion data for the user to authenticate from Ping Federate tool. i.e., Morpheus must ensure SAML assertion data is stored somewhere for usage. This data will be used by us while performing the API call.
Morpheus receives SAML assertions from the IdP; some refer to this as a SAML token. In step 4, when you are swapping the SAML assertion for an access token, are you expecting Morpheus to get an oAuth or JWT token from an authorization server? SAML does not contain any credential data. Are you looking to do a SAML/OIDC token exchange?
Can you authenticate against Ping as an authorization server to get the access token? A better way is to store the access token in Cypher or some other secret store. Access the token directly from the task and do not rely on Morpheus to authenticate using the SAML assertion data. The assertion data is in a Morpheus variable, but I don’t know how you use that to obtain an access token.
