SSO configuration: Redirect failed, please contact your administrator.

Ankush13
Kilo Guru

I am trying to configure my personal dev instance to use ssocircle. It is on Helsinki release. I have imported the metadata into the instance from http://idp.ssocircle.com/meta-idp.xml. I have also imported ServiceNow generated metadata into ssocircle account that I have. I manually created the ID that I am using in ssocircle in my instance with the same email address. I have also white-listed the links of ssocircle through 'glide.security.url.whitelist' property.

Now when I try 'Use external login' and enter my user ID, it gives "Redirect failed, please contact your administrator." I tried Chrome's dev tools to trace the request, but nothing comes up.

Please let me know what I am missing.

1 ACCEPTED SOLUTION

Ankush13
Kilo Guru

I was able to resolve it. Turns out that decoding needed another certificate. Adding it resolved the issue.



9 REPLIES

Ankush13
Kilo Guru

I deleted all the configuration and redid it from scratch but still the same. Has someone else faced this issue before?


Ankush13
Kilo Guru

I was able to move forward with this. Logging in gets redirected to ssocircle and I am able to authenticate. Also created that ID with same email in sys_user table.


After authenticating, when it comes back, ServiceNow is unable to validate response and throws an error -


SAML2: Could not validate SAMLResponse: no thrown error


Log entries suggest this -


Capture.JPG



Please let me know if I am missing something?



Thanks.


Hi,
Could you explain some more regarding "decoding needed another certificate"?
Also, if possible, a few words about the print screen added above. Where is this log data coming from?
What URLs were added to glide.security.url.whitelist?



Thank you, having the same issues.


When I checked the XML of the IDP, it had two certificates. One was auto-generated when we retrieve configs using the UI action; the other one was not. So I created another one with the XML key mentioned in the IDP XML and it worked.


glide.security.url.whitelist should have the IDP URL, but I don't think this will make much of a difference.


You need to enable debug under SSO properties to see those entries. They can be found in logs after you enable debug and try to authenticate via SSO.
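
Added example, not part of the original thread and not ServiceNow or SSOCircle code: a small Python check that lists every certificate an IdP metadata file publishes and reports the ones that were not imported on the service provider side, which is the mismatch the accepted solution describes. The sample metadata, the entity ID and the two "certificates" are constructed stand-ins; the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def idp_certificates(metadata_xml):
    """Return [(use, sha256_hex)] for every certificate in the IdP's KeyDescriptors."""
    # ElementTree is fine for a file you saved and inspected; for metadata
    # from an untrusted source, parse with the defusedxml package instead.
    root = ET.fromstring(metadata_xml)
    found = []
    for kd in root.iterfind(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # No "use" attribute means the key serves both signing and encryption.
        use = kd.get("use", "signing+encryption")
        for cert in kd.iterfind(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            found.append((use, hashlib.sha256(der).hexdigest()))
    return found

def missing_from_sp(metadata_xml, imported_fingerprints):
    """Certificates the IdP publishes that were never imported on the SP side."""
    imported = {f.lower().replace(":", "") for f in imported_fingerprints}
    return [(use, fp) for use, fp in idp_certificates(metadata_xml)
            if fp not in imported]

# Constructed sample: two stand-in byte strings, not real X.509 certificates.
CERT_A, CERT_B = b"constructed-cert-A", b"constructed-cert-B"
_KD = ('<md:KeyDescriptor use="{use}"><ds:KeyInfo><ds:X509Data>'
       '<ds:X509Certificate>{b64}</ds:X509Certificate>'
       '</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>')
SAMPLE_METADATA = (
    '<md:EntityDescriptor xmlns:md="{md}" xmlns:ds="{ds}" '
    'entityID="https://idp.example.test"><md:IDPSSODescriptor>'.format(**NS)
    + _KD.format(use="signing", b64=base64.b64encode(CERT_A).decode())
    + _KD.format(use="encryption", b64=base64.b64encode(CERT_B).decode())
    + '</md:IDPSSODescriptor></md:EntityDescriptor>')

if __name__ == "__main__":
    # Assume only the first certificate was imported, as an illustration.
    imported = [hashlib.sha256(CERT_A).hexdigest()]
    for use, fp in missing_from_sp(SAMPLE_METADATA, imported):
        print("not imported: use=%s sha256=%s" % (use, fp))
```

Run against a saved copy of the IdP metadata, the fingerprints can be compared with those of the certificate records already present on the instance.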