Versions Compared

Old Version 5

changes.mady.by.user Prakash Kumar

Saved on

compared with

New Version Current

changes.mady.by.user Shradha Kamble

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page will help you identify issues and fix them. On facing any issue with Single Sign On, you can go through the list below to figure out your issue and fix it.

Gallery

The failure can occur at two points -

  1. Test Configuration Failed - This tool is specifically aimed to test the setup of Single Sign-On between your Atlassian application and your IDP.

    On a perfect successful configuration, you get a success message. On any problems, you get one of the following messages with steps to fix the problem on your own very quickly.

  2. SAML SSO Failed - If your Test Configuration works and even then your Single Sign-On fails, you need to tweak your settings a little further to fix the issue.

1. Test Configuration Failed

If the test configuration has been performed in the plugin's IDP configuration tab and results in Test Failed, the possible causes are listed below.

Error Code: INVALID_SIGNATURE

in Description: This issue comes when the configured certificate in the plugin's IDP Configuration tab did not match the Certificate in SAML Response.

...

  • Copy Expected Certificate from Test window.

  • Paste it in the IDP Signing Certificate text box in IDP Configuration Tab.

  • Save settings.


...


Error Code: INVALID_CONDITIONS

...

Description: This issue generally comes up when the Application(Jira, Confluence, Bitbucket, Bamboo, and fisheye) server's time is not within the time interval specified by IDP in SAML Response. Hence, the SAML Response gets invalidated and the SAML app is unable to proceed it even if the difference is in milliseconds.

...

  • Read Resolution in the Test window and note the value of the minutes which you need to set in Validate SAML Response.

  • Go to the Advanced SSO tab in the plugin change the value of Validate IDP's SAML Response to minutes mentioned in the Test window and save it.

  • Go to IDP Configuration tab in the plugin try Test configuration again.


...


Error Code: INVALID_ISSUER

...

Description: This problem will come when the IDP entity ID / Issuer configured in the plugin does not match with the IDP Issuer.

...

  • Copy the value of the Issuer from the Test window. For the reference shown in the picture below.

  • Paste it in the IDP Entity/Issuer text field in the IDP Configuration tab of the plugin.

  • Save settings.


...


2. SAML SSO Failed

Info

If the Test Configuration Results Success and SAML SSO Failed, the possible causes are listed below. Please check the URL and find the below-mentioned parameter in the URL.

Error Code: samlerror=cant_signin_no_access

...

Description: This problem will come when the user tries to login in Atlassian application and the user has no permission to log in.

...

  • Add the user to an application group that gives login permission.

  • Follow this knowledgeBase to assign a group to the user which gives access to the application.


...

 Error Code: samlerror=cant_signin_no_license

...

Description: No license exits. Single Sign-On will not work unless an app license is applied.

...

  • Update license in manage apps sections.


...


Error Code: samlerror=cant_signin_check_configuration

...

Description: This issue is caused by multiple reasons and all are listed below.

...

If you are looking for anything which you cannot find, please drop us an email on info@xecurifty.com