How to Resolve SAML Login-Based Errors Or Issues
User Group Error (AADSTS50105)
Error message:
Error AADSTS50105 – The signed in user is not assigned to a role for the application.
Cause:
The user hasn’t been granted access to the application in Azure Active Directory. The user must belong to a group that is assigned to Symbiant, or be assigned directly.
Fix:
To assign one or more users to an application directly, see Quick Start: Assign users to an app.
No signing key configured (AADSTS50003)
Error message:
You receive error AADSTS50003 when trying to sign in to an application that has been set up to use Azure AD for identity management using SAML-based SSO.
Cause:
The certificate given to Symbiant Support is incorrect or not recognized.
Fix:
Delete the existing certificate and create a new one by following the steps below:
- On the SAML-based SSO configuration screen, select Create new certificate under the SAML Signing Certificate section.
- Select an expiration date and then click Save.
- Check Make a new certificate active to override the active certificate. Then, click Save at the top of the page and accept to activate the rollover certificate.
- Under the SAML Signing Certificate section, click Remove to remove the unused certificate.
- Email the new certificate to Symbiant Support.
Misconfigured Application (AADSTS650056)
Error message:
Error AADSTS650056 – Misconfigured application.
Cause:
The Issuer attribute sent from the application to Azure AD in the SAML request doesn’t match the Identifier value configured for the application in your Azure AD (provided by Symbiant Support).
Fix:
Ensure that the Issuer attribute in the SAML request matches the Identifier value configured in your Azure AD (provided by Symbiant Support).
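One way to confirm the mismatch behind AADSTS650056 is to decode the SAMLRequest value from the sign-in redirect and compare its Issuer with the configured Identifier. The script below is an added example, not Symbiant or Microsoft code; it assumes the SAMLRequest value has already been URL-decoded, and the Identifier and sample request in it are constructed placeholders.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
MAX_XML = 1 << 20  # refuse requests that inflate past 1 MiB


def decode_saml_request(value: str) -> bytes:
    """Return the AuthnRequest XML from an already URL-decoded SAMLRequest value."""
    raw = base64.b64decode(value)
    if raw.startswith(b"<"):
        xml = raw  # HTTP-POST binding: base64 only
    else:
        inflater = zlib.decompressobj(-15)  # HTTP-Redirect binding: raw DEFLATE
        xml = inflater.decompress(raw, MAX_XML)
        if inflater.unconsumed_tail:
            raise ValueError("SAMLRequest inflates past MAX_XML")
    if b"<!DOCTYPE" in xml:
        raise ValueError("DTD not allowed in a SAML message")
    return xml


def request_issuer(value: str):
    """Extract the text of the <saml:Issuer> element, or None if absent."""
    node = ET.fromstring(decode_saml_request(value)).find(f"{{{SAML_NS}}}Issuer")
    return node.text.strip() if node is not None and node.text else None


def issuer_matches(value: str, identifier: str) -> bool:
    """Exact string comparison: case and trailing slashes are significant here."""
    return request_issuer(value) == identifier


def build_sample_request(issuer: str) -> str:
    """Constructed Redirect-binding sample so the check can be run offline."""
    xml = (
        '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'ID="_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">'
        f'<saml:Issuer xmlns:saml="{SAML_NS}">{issuer}</saml:Issuer>'
        "</samlp:AuthnRequest>"
    ).encode()
    deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(deflater.compress(xml) + deflater.flush()).decode()


if __name__ == "__main__":
    IDENTIFIER = "https://sp.example.com/saml"  # constructed; use the value from Symbiant Support
    sample = build_sample_request("https://sp.example.com/saml/")  # note the trailing slash
    print(request_issuer(sample), issuer_matches(sample, IDENTIFIER))
```

The constructed sample differs from the Identifier only by a trailing slash, which is enough for the comparison to fail.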