KB-1975 Web API calls return unexpected results after enabling SAML authentication

Rebecca Jonas — Tue, 06 Aug 2019 14:31:55 GMT

Current Revision posted to Appian Knowledge Base by Rebecca Jonas on 8/6/2019 2:31:55 PM

Symptoms

After enabling SAML authentication for Appian, Web API calls return a 200 OK response code with an unexpected HTML response body that fails to parse in the external system calling the Web API. For example, the error observed in the Web API client may indicate that the response was invalid JSON or that a particular attribute could not be found in the response body.

Cause

Because SAML authentication is enabled with the default login page set to the SAML login page, all requests not containing a session cookie are expected to authenticate through SAML. Thus, the requests to the Web API are being redirected to the SAML login page rather than getting served by Appian. The received response is the HTML of the login page of the SAML provider instead of the data expected from the Web API. The below example illustrates the correct and erroneous responses:

Without SAML authentication

{
"output": "No update required",
"success": "true"
}

With SAML authentication

<!DOCTYPE html>
<html>
 <head>
 <meta charset="utf-8" />
 </head>
 <body onload="document.forms[0].submit()">
 <noscript>
 <p>
 <strong>Note:</strong> Since your browser does not support JavaScript,
 you must press the Continue button once to proceed.
 </p>
 </noscript>
 <form action="https&#x3a;&#x2f;&#x2f;idp.example.com&#x3a;443&#x2f;sso&#x2f;SSOPOST&#x2f;metaAlias&#x2f;publicidp" method="post">
 <div>
 <input type="hidden" name="SAMLRequest" value="PD94bWwgdmV..."/> 
 </div>
 <noscript>
 <div>
 <input type="submit" value="Continue"/>
 </div>
 </noscript>
 </form>
 </body>
</html>

Action

Use the ?signin=native query parameter in the Web API URL when making the call from the external system to enable the call to be authenticated through Basic authentication instead of SAML. For example, if the Web API URL is https://appian.example.com/suite/webapi/get-data, the call should be made to https://appian.example.com/suite/webapi/get-data?signin=native.

Affected Versions

This article applies to Appian versions 17.1 through 19.1 using SAML authentication.

Last Reviewed: August 2019

Tags: design, SAML, integration, authentication, web services, application design, web api

KB-XXXX Web API calls return unexpected results after enabling SAML authentication

Jussi Lundstedt — Mon, 05 Aug 2019 21:20:54 GMT

Revision 2 posted to Appian Knowledge Base by Jussi Lundstedt on 8/5/2019 9:20:54 PM

Symptoms

Cause

Without SAML authentication

{
"output": "No update required",
"success": "true"
}

With SAML authentication

<!DOCTYPE html>
<html>
 <head>
 <meta charset="utf-8" />
 </head>
 <body onload="document.forms[0].submit()">
 <noscript>
 <p>
 <strong>Note:</strong> Since your browser does not support JavaScript,
 you must press the Continue button once to proceed.
 </p>
 </noscript>
 <form action="https&#x3a;&#x2f;&#x2f;idp.example.com&#x3a;443&#x2f;sso&#x2f;SSOPOST&#x2f;metaAlias&#x2f;publicidp" method="post">
 <div>
 <input type="hidden" name="SAMLRequest" value="PD94bWwgdmV..."/> 
 </div>
 <noscript>
 <div>
 <input type="submit" value="Continue"/>
 </div>
 </noscript>
 </form>
 </body>
</html>

Action

Affected Versions

This article applies to Appian versions 17.1 through 19.1 using SAML authentication.

Last Reviewed: August 2019

Tags: design, SAML, integration, authentication, web services, application design, web api

KB-XXXX Web API calls return unexpected results after enabling SAML authentication

Jussi Lundstedt — Mon, 05 Aug 2019 15:36:16 GMT

Revision 1 posted to Appian Knowledge Base by Jussi Lundstedt on 8/5/2019 3:36:16 PM

Symptoms

After enabling SAML authentication for Appian, Web API calls return a 200 OK response code with an unexpected response body that fails to parse in the external system calling the Web API. For example, the error observed in the Web API client may indicate that the response was invalid JSON or that a particular attribute could not be found in the response body.

Cause

After enabling SAML authentication, the Web API is returning the HTML of the login page of the SAML provider instead of the expected data returned by the Web API.

Action

Affected Versions

This article applies to Appian 17.1 and later using SAML authentication.

Last Reviewed: August 2019

Tags: design, SAML, integration, authentication, web services, application design, web api