SecureAuth IdP Version affected: All
Description:
When using the Saml Assertion Consumer service, the Users are presented with an error "Please make sure there is a valid nameid or the user exists in the datastore."
Cause: There can be many causes for this error. Please open the Audit log for the realm in question and take a look for SAML Assertion Failed.
Resolution:
In the example above, the Audit log clearly states that the problem is with the time.
The next steps are to check the clock skew between the IdP and SP servers and correct the time so that they match.
It's recommended to use NTP to keep the clocks in sync and avoid issues like this.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.