SAML Response Invalid - MultiSSO

saloniahuja
Kilo Contributor

On our dev instance(Istanbul) , we have enabled MultiSSO plugin

Configured IDP by importing XML

But, we are getting to logout page after login.

How can I debug this? Can someone help please ? Thanks in advance.

Saloni

1 ACCEPTED SOLUTION

vab_13
ServiceNow Employee
ServiceNow Employee

Most likely SAML Response is evaluated being invalid and you are getting to the logout page.


Enable Multi-SSO Debug.


This debug will start printing logs along with actual SAML Response XML.


The logs will confirm on why SAML Response is being invalided. If you configured by importing XML from IDP, make sure there is no trailing forward slash "/".


Validate certificate.




From Multi-SSO Properties, enable Debug:


Multiple Provider Single Sign-On - ServiceNow Wiki


find_real_file.png


find_real_file.png



This will start printing debug information.


This debug information is pretty descriptive to confirm on why SAML Response


You can leverage script from my article to see if there is a Certificate issue:





If you still run into issues, reply back with your instance name or log a call in Hi: we can assist.




Vab


View solution in original post

7 REPLIES 7

faisal_dadabhoy
Giga Expert

There could be multiple reasons.



Did you attempt to turn on debugging on SAML properties? You may see something in logs that may tell you what the issue is.



find_real_file.png


sorry couldn't find this page. I think you are referring to SAML2 Plugin, we are on Multi-SSO Plugin.


Thanks


vab_13
ServiceNow Employee
ServiceNow Employee

Most likely SAML Response is evaluated being invalid and you are getting to the logout page.


Enable Multi-SSO Debug.


This debug will start printing logs along with actual SAML Response XML.


The logs will confirm on why SAML Response is being invalided. If you configured by importing XML from IDP, make sure there is no trailing forward slash "/".


Validate certificate.




From Multi-SSO Properties, enable Debug:


Multiple Provider Single Sign-On - ServiceNow Wiki


find_real_file.png


find_real_file.png



This will start printing debug information.


This debug information is pretty descriptive to confirm on why SAML Response


You can leverage script from my article to see if there is a Certificate issue:





If you still run into issues, reply back with your instance name or log a call in Hi: we can assist.




Vab


vab_13
ServiceNow Employee
ServiceNow Employee

find_real_file.png