On Sat, Aug 2, 2025 at 7:20 AM Subbareddy Alamuru < [email protected]> wrote:
> Hi, > > I am using guacamole docker setup with Guacamole, GuacD, Nginx proxy and > trying to setup SAML sso using Azure Entra but getting this error > > [image: image.png] > > Guacamole UI runs at http://containername:8080/guacamole/ and I have this > in my nginx proxy > > location / { > proxy_pass http://guacamole:8080/guacamole/; > . > . > } > You're missing several items that control what headers are passed through. Make sure that you have the following: location / { proxy_pass http://localhost:8080/; proxy_buffering off; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Proto $scheme; client_max_body_size 1g; } In particular, setting the various X-Forwarded-* headers will help insure the proper "https://"; gets set on the URL. Also, as others have mentioned, you need to make sure the callback URL is set properly to the actual root of your Guacamole URL (the one in front of the proxy, the one users actually access). -Nick >
