SAML config for zabbix > 6.2

[Daniigrof]

SUMMARY

Enable configuration of LDAP and SAML for Zabbix versions greater than 6.2. Currently, there appears to be no support for these features in versions beyond 6.2.

ISSUE TYPE
Feature Request

LDAP and SAML Configuration for Zabbix > 6.2

ADDITIONAL INFORMATION

The ability to configure LDAP and SAML is crucial for automating deployments and is a significant aspect of many IT and system administration tasks. Enhanced support for these features in newer versions of Zabbix will greatly benefit users by simplifying the setup process and improving overall security and integration capabilities.

[masa-orca]

You can configure LDAP setting and SAML setting using zabbix_user_directory module.

The Zabbix API's behavior has changed since version 6.2.

[tjommie]

I've tried both modules community.zabbix.zabbix_authentication and community.zabbix.zabbix_user_directory and thought community.zabbix.zabbix_user_directory worked out for me..

community.zabbix.zabbix_authentication
Documentation for this module looks to be out of date, especially the example for "Update all authentication setting (Zabbix >= 6.4)". The playbook completes OK, but doesn't apply all configuration settings (on it's own)

community.zabbix.zabbix_user_directory
Worked out, following the "Create new user directory with SAML IDP or update existing info (Zabbix >= 6.4)" example in the documention linked above. On it's own it didn't "Enable SAML authentication".

Setup:
zabbix: 7.0.3
community.zabbix: 3.1.1

zabbix_authentication and zabbix_user_directory seem to be configuring the same, yet different options?

Update: turns out the zabbix_authentication configures which authentication method that Zabbix uses while zabbix_user_directory configures the settings within the selected authentication method ~ ie. use both for SAML.

I'm guessing SAML fields (saml_sso_url, saml_idp_entityid, etc.) in zabbix_authentication was moved to zabbix_user_directory in Zabbix > 6.4.