How do I obtain a token using omniauth-saml ?

[peggles2]

Hi,
Thank you for this wonderful Gem.
I installed your gem. Read through the documentation and set everything up. I am using omniauth-saml. I have an admin interface that uses devise and an api. The admin interface is working great. (not ActiveAdmin) But still having trouble getting it working for the API.

The problem i'm running into is when I run
curl -XPOST -H 'Content-Type: application/json' http://localhost:3000/api/v1/auth/sign_in -d '{"email": "my_email@blah.com" }'

I instantly get:
{"errors":["Invalid login credentials. Please try again."]}

I wouldn't use a password since its going through omniauth. The omniauth has been set up already for the admin interface so I kept all the setup the same. It is located in devise.rb instead of omniauth.rb.

routes.rb
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }

namespace :api do
namespace :v1 do
mount_devise_token_auth_for 'User', at: 'auth'
resources :my_api, only: [:index, :create, :update, :destroy]
end
end

User.rb model
devise :database_authenticatable, :rememberable, :trackable, :validatable, :omniauthable, omniauth_providers: [:saml]
include DeviseTokenAuth::Concerns::User
devise :omniauthable # Because for some reason it gets rid of it.

controllers/api/v1/base_controller.rb
class Api::V1::BaseController < ActionController::Base
protect_from_forgery with: :null_session
include DeviseTokenAuth::Concerns::SetUserByToken
end

Your help is very much appreciated!!!!

[zachfeldman]

@peggles2 just providing an email to sign_in isn't going to sign in your user. You'll need more than that to get this to work, just an email isn't enough to login a user unfortunately.