SAML Response Invalid - MultiSSO

saloniahuja · ‎06-14-2017

On our dev instance(Istanbul) , we have enabled MultiSSO plugin

Configured IDP by importing XML

But, we are getting to logout page after login.

How can I debug this? Can someone help please ? Thanks in advance.

Saloni

vab_13 · ‎06-14-2017

Most likely SAML Response is evaluated being invalid and you are getting to the logout page.

Enable Multi-SSO Debug.

This debug will start printing logs along with actual SAML Response XML.

The logs will confirm on why SAML Response is being invalided. If you configured by importing XML from IDP, make sure there is no trailing forward slash "/".

Validate certificate.

From Multi-SSO Properties, enable Debug:

Multiple Provider Single Sign-On - ServiceNow Wiki

This will start printing debug information.

This debug information is pretty descriptive to confirm on why SAML Response

You can leverage script from my article to see if there is a Certificate issue:

If you still run into issues, reply back with your instance name or log a call in Hi: we can assist.

Vab

View solution in original post

saloniahuja · ‎06-14-2017

Hi Vab,

Thanks for the reply. We are troubleshooting now. Debug is now enabled.

I worked with Hi Support on couple of issues, the log file they look at by logging onto the actual server: can we request for the actual log file to be sent to us?

Saloni

vab_13 · ‎06-14-2017

np.

You dont need to contact Hi for getting the log file.

You can download it from UI itself.

Name: localhost_log.<date stamp>.txt

saloniahuja · ‎06-14-2017

Thanks! I wasnt aware of this. Helpful.

Saloni