In settings.py, do I need also a SAML_AUTH part?

[remiliance]

Hello,

I set up the config as per the "djangosaml2 read the doc".
I well generate a SAML request and get a SAML response (sucess) from my IDP.

However, then, I have an error : Forbidden or CSRF (auth issue)
Apparently, Django does not manage the Auth based on the SAML response.

Based on "djangosaml2", Django is supposed to manage the Auth based on the SAML response?
Do I need to parse manually the user attributes info from the SAML response and create/get user into Django and login? (meaning creatin,g views, methods...)
Do I need to configure also a SAML_AUTH parameters in the settings.py?
Do I need to install also django-saml2-auth-ai ?

Thanks a lot
Rémi

[peppelinux]

Do I need to install also django-saml2-auth-ai ?

No, don't worry about that!

You just have to follow the instruction published in the docs

this is the backed: https://djangosaml2.readthedocs.io/contents/setup.html#authentication-backend

and yes, the SAML_config is required
https://djangosaml2.readthedocs.io/contents/setup.html#pysaml2-specific-files-and-configuration