Talis may choose to enable a debug mode so that when you have logged in to your Identity Provider and are being redirected back to Talis applications, we'll show some extra information. This article explains the flow of the requests and what to expect.
Why do we need a debug mode?
Talis' Service Provider provides a login service for all Talis Products. This service devolves authentication to your university's login provider. It requires a number of specific attributes which are detailed in this article about setting up devolved authentication.
The debug mode allows a user who has logged in to see the SAML 2 response from your Identity Provider. You can use this to iteratively test that your IdP is releasing the correct values to us when either setting up devolved authentication or devolved constraints.
What will happen when you click on Login and debug mode is enabled?
- When you click on the sign in link, you will be redirected to your SSO for login.
- When you have logged in you will be redirected back to our Talis service provider.
- At this point you will see a screen full of XML which is the SAML response that your IdP is sending to our SP.
- In that XML response we expect to see an attribute for the
- At the bottom of the XML is a 'submit' button which will then continue the login handoff back into Talis Aspire Reading Lists.
- At this point you should be logged in and see a 'create profile' option next to where you signed in.
- If you get an error about not being able to find a persistent id, then that means that we haven't been able to locate the
eduPersonTargettedIDin your SAML response.
Only Talis staff can enable this debug mode, and we'd only do it in particular circumstances.