This article will explain how you can find out what is causing a Single Sign-On error.
In order to troubleshoot the error, you need to go to the Integration Dashboard, click on Tools on the SSO integration and then Debug Mode.
Enable the Debug Mode
Please, note that it will be enabled until you decide to disable it. If you would like to make any changes to the configuration of the integration, the debug mode needs to be disabled.
Step 1: Get the user to attempt a login
Get the user to attempt a login and ask them to share a full screenshot of the error page they see and the exact time of their attempt.
Once you have this information, you can copy the error code that they’ve received, go to Troubleshooting Errors and paste the code there.
It will show you the exact error message attached to this code.
You can check our article on understanding SSO errors here.
But essentially, this needs to be sent to the Identity Provider so they can look into why the identity of the user is not being passed through to us.
Step 2. Check the SAML Response
If you would like to get more detailed information about the SAML Response we’ve received, it can be found in the Debug Mode. This is why you need the exact time of the login attempt so you can make sure you are looking into the correct response.
You can send this SAML Response and the error message to the Identity Provider so they can look into the issue.
If you are still not able to resolve this, you can contact the Integrations Team at firstname.lastname@example.org