Skip to main content

Knowledge Base

Single Sign On (SSO) Troubleshooting Logs

On occasion, you might run into errors while setting up Single Sign On (SSO) in your Bynder portal. If you’ve completed the steps for setting up SSO, but are still experiencing login issues, see the chart below on how to resolve the issue.

Learn more about setting up SAML SSO Google SSO (coming soon!)

How to Troubleshoot SSO

  1. Navigate to Settings > Advanced Settings > Portal Settings

  2. Click Login Configuration on the left sidebar

  3. Select the SSO method that you would like to review

  4. Select Logs

  5. Here you will see the list of login events. Click Login failed to see the specific error

  6. Use the information in the chart below to help identify and troubleshoot the issue

SAML Response Validation

These errors correspond to invalid SAML configuration in the idp and in Bynder platform.

Table 2. SAML Response Validation

Error

Description

SSO disabled

This SSO method is disabled in Bynder's login configuration.

Invalid issuer

Received "{received}" instead of the expected "{expected}", which is the configured value for Identity Provider Identifier.

Invalid audience

"received}" was not found in the audience restriction.

Invalid signature

The signature validation of the SAML response failed. The certificates in the SAML response and the SSO method configuration don't match.

Response not signed

No signature was found in the SAML response. The signature hasn't been setup in the identity provider.



User Validation

These errors may happen in both SAML and OpenID SSO flow, and are relative to user management in Bynder's platform.

Table 3. User Validation

Error

Description

Email not found

No valid email was found in the attribute with Name "{attribute}" or in the NameID value

First name not found

No value was found in the attribute with Name "{attribute}".

Last name not found

No value was found in the attribute with Name "{attribute}".

Inactive user

This user is currently deactivated and not allowed to log in.

User not found

The user does not exist and couldn't be created because just in time user provisioning is disabled in the SSO method configuration.



Invalid OpenID/Google

These errors may happen specifically for OpenID/Google SSO flows.

Table 4. Invalid OpenID/Google

Title

Description

Domain not allowed

User email is not included in the configuration's allowed domains

SSO disabled

This SSO method is disabled in Bynder's login configuration.

Login failed

Something went wrong, please try again later and if the issue continues, contact Support.



Still receiving an error?

  Please contact support.

Related Articles

How to Configure SAML SSO

Login Configuration Look & Feel

How to Configure Google SSO