Troubleshooting

• Directory data syncronization between IdP and FW is not supported
• IdP Redirection URL change (15.5.1+)
• Enrolling Apple devices why am I prompted for IdP login?

Directory data syncronization between IdP and FW is not supported

At this time, FileWave IDP integration is limited to only FileWave Admin authentication and Apple device enrollment.  Directory data synchronization (and custom fields) between the IdP source and FileWave is not supported at this time, but will be added in a future release.  In the meantime, current LDAP(S) synchronization can be used as a stop-gap to achieve the same result.

IdP Redirection URL change (15.5.1+)

What

In FileWave 15.5.1 there was a change to the redirection URLs used for an IdP setup in FileWave so that the 3rd URL would use port 20443 instead of the usual 443 for HTTPS. 

When/Why

In FileWave 15.5.1 we wanted to account for servers where port 443 was not exposed to the Internet but where clients would enroll via an IdP so a change in port had to be made. All of the setup documentation was updated, but if you setup your server in the past then you may need to update the URLs within your IdP. 

How

Review the IdP setup article for the platform you use (links below in Related Content) and ensure that you check that the 3rd redirect URL is using 20443 instead of 443 or it may have no port listed at all prior to FileWave 15.5.1. 

FileWave 15.5.1 and newer looks like this for the URL in question;

https://FWXSERVER:20443/auth/login_via_idp_redirect_for_device 

FileWave earlier than 15.5.1 would have had the same URL but it would not have had the port or it would have listed 443;

https://FWXSERVER:443/auth/login_via_idp_redirect_for_device 

You will find the proper URL for your setup if you review the IdP setup and repeat the step where you copy URLs from your FileWave Server. The other 2 URLs are on port 443. For best results always copy the URLs from FileWave Anywhere as the instructions show so that you get the URL as it should be for your actual server.

Related Content

• IdP Setup: Google
• IdP Setup: Keycloak
• IdP Setup: Okta
• IdP Setup: Microsoft Entra ID (Azure)

Enrolling Apple devices why am I prompted for IdP login?

What

When I enroll a macOS, iOS or iPadOS device a pop-up shows asking me to login to Google, Keycloak, Okta or Microsoft Entra ID (Azure) and I'm not sure why.

When/Why

This can happen if you setup an IdP in FileWave and enabled the "Enrollment" checkbox. 

How

Login to FileWave Anywhere and go to Settings and edit your IdP configuration as seen in the image below. Uncheck Enrollment if you do not want this behavior. Conversely if you want to enable this behavior then go back and check the box. 

Related Content

• IdP Setup: Google
• IdP Setup: Keycloak
• IdP Setup: Okta
• IdP Setup: Microsoft Entra ID (Azure)