Token Mismatch

[rendhon]

i tried to use this with my azure ad as idp got this error " TokenMismatchException in VerifyCsrfToken.php line 49:" are you familiar with this error?

[aacotroneo]

oh, yes! That's the Laravel 'csrf' middleware. It intercepts all POST's by default (including the one your IDP does, which cant never know about a csrf token, and it does not need it).
You'll have to disable that middleware for the saml routes. Or just disable it if you are not going to use cookies (i.e oauth or some other token). I don't have anything at hand now, but there is a lot of discussions about this.

[rendhon]

thanks for the link. :)

[rendhon]

is the default sp identifier is ' http://localhost/laravel/public/saml2/metadata' ?coz i already tried to configure the samlsettings but in the saml request it always appear.. could i change this one? and where? i tried to find where but such many data flow .!

[aacotroneo]

the library set this:

$config['sp']['entityId'] = URL::route('saml_metadata');

You can override that route if you want, or use your own routes. Look at the comments in the config file.