Skip to content

feat(sso): add entityId to configureSAMLByMetadata settings#739

Merged
dorsha merged 1 commit into
mainfrom
feat/saml-metadata-idp-entity-id
Jun 12, 2026
Merged

feat(sso): add entityId to configureSAMLByMetadata settings#739
dorsha merged 1 commit into
mainfrom
feat/saml-metadata-idp-entity-id

Conversation

@dorsha

@dorsha dorsha commented Jun 11, 2026

Copy link
Copy Markdown
Member

Related Issues

Fixes https://github.com/descope/etc/issues/16175

Description

Adds an optional entityId field to SSOSAMLByMetadataSettings, so callers of management.sso.configureSAMLByMetadata can persist the IdP entity ID alongside a metadata URL.

This lets IdP-initiated SAML login resolve the tenant by the SAML response issuer. Without it, metadata-configured tenants had no stored entity ID and the issuer lookup failed (reported by Navan during SSO migration).

Backend PR: descope/backend#1280

Must

  • Tests
  • Documentation (if applicable)

@dorsha @claude
feat(sso): add entityId to configureSAMLByMetadata settings
6c31d23 
Add the optional entityId field to SSOSAMLByMetadataSettings so callers
can persist the IdP entity ID alongside a metadata URL. This lets
IdP-initiated SAML login resolve the tenant by the SAML response issuer.

Backend: descope/backend#1280
Related issue: descope/etc#16175

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@shuni-bot-dev

shuni-bot-dev Bot commented Jun 11, 2026
edited
Loading

Copy link
Copy Markdown

🐕 Review complete — View session on Shuni Portal 🐾

shuni-bot-dev[bot]
shuni-bot-dev Bot reviewed Jun 11, 2026
View reviewed changes

@shuni-bot-dev shuni-bot-dev Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🐕 Shuni's Review

Adds an optional entityId field to SSOSAMLByMetadataSettings so configureSAMLByMetadata can persist the IdP entity ID for issuer-based tenant resolution on IdP-initiated login.

No issues found — good bones! The settings object passes straight through to the request body, the field is optional (consistent with the metadata flow), and the test asserts it round-trips. Woof!

@dorsha dorsha merged commit c822975 into main Jun 12, 2026
28 checks passed
@dorsha dorsha deleted the feat/saml-metadata-idp-entity-id branch June 12, 2026 07:49
@descope-release-bot descope-release-bot Bot mentioned this pull request Jun 12, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shuni-bot-dev shuni-bot-dev[bot] shuni-bot-dev[bot] left review comments

@aviadl aviadl aviadl approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dorsha @aviadl