SAML Integration Login Failure

jshatney
Mega Expert

We have set up a SAML integration following the documentation on the wiki. The following is occurring:

1. URL for ServiceNow instance loads and redirects to the IDP
2. URL for the IDP loads
3. Credentials are entered into the IDP
4. Error message "Could not validate SAMLResponse" appears and redirects user to the ServiceNow logout page

In the event logs we see: external.authentication.failed 4B1F753D6F451100985A93D31C3EE494 Authentication failed
In the system logs we see: 2013-11-15 10:24:50:AM Information Could not validate SAMLResponse

I have verified the proper certificate is uploaded and the proper information is loaded into the SAML properties.

Anyone have any suggestions for where to look next?

8 REPLIES

jason_petty
Tera Expert

Look at the logs closer and see if there is some other error in there that says something like actual is ...... expected .....

You might have a property set wrong for your IDP. That seems to be the most common reason why SAML login doesn't work the first time.

If you send me an email with the instance name you are working on, I could take a look at the log quickly too.

jason.petty@servicenow.com


jason_petty
Tera Expert

The setting:
The Identity Provider URL which will issue the SAML2 security token with user info.

was set to https instead of http like the ADFS IDP was expecting for that value.
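
A way to check for this kind of mismatch offline, as an added example that is not part of the original thread and not ServiceNow code: it decodes a captured base64 SAMLResponse and compares each Issuer with the configured Identity Provider URL as an exact string. The sample response, the adfs.example.test host and the function names are constructed for illustration, and no signature verification is performed.

```python
import base64
import xml.etree.ElementTree as ET

SAML_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample: an unsigned response whose Issuer uses the http:// scheme.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">'
    '<saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>'
    '<saml:Assertion ID="_a1" Version="2.0">'
    '<saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>'
    '</saml:Assertion></samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()


def issuers_in_response(b64_response: str) -> list[str]:
    """Return every saml:Issuer value found in a base64-encoded SAMLResponse."""
    # Form posts often wrap the value; drop whitespace, then decode strictly.
    xml_bytes = base64.b64decode("".join(b64_response.split()), validate=True)
    # Refuse DTDs: ElementTree expands internal entities, which this check never needs.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD not allowed in SAMLResponse")
    root = ET.fromstring(xml_bytes)
    tag = "{%s}Issuer" % SAML_ASSERTION_NS
    return [el.text.strip() for el in root.iter(tag) if el.text]


def check_issuer(b64_response: str, configured_idp_url: str) -> list[str]:
    """List mismatches between the response Issuers and the configured IdP URL."""
    issuers = issuers_in_response(b64_response)
    if not issuers:
        return ["no Issuer element found"]
    # The issuer is an identifier, not a link: scheme, host and path must match exactly.
    return [
        f"issuer mismatch: actual is {actual} expected {configured_idp_url}"
        for actual in issuers
        if actual != configured_idp_url
    ]


if __name__ == "__main__":
    # Configured with https while the IdP identifies itself with http.
    for line in check_issuer(SAMPLE_B64, "https://adfs.example.test/adfs/services/trust"):
        print(line)
```
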


Hello Jason,

I have a similar problem with my instance, which I am trying to newly set up. The error log and the event log say the same as mentioned in the initial post.

Would you please be able to help me out? I can share the details if you can tell me what to share.

Regards,
Chandana


It can be the following:

Create an AuthnContextClass request in the AuthnRequest statement
glide.authenticate.sso.saml2.createrequestedauthncontext

Leave it as off and let the server decide.

For us, if we enable this, our internal users work and our external users log straight off.

Disabling it and all work.

Cheers