This article outlines errors that can occur during the SSO connector setup and their resolutions.
Contents:
Invalid SAML Signature
Error:
The SAML assertion from the identity provider has an invalid signature. If you are the administrator, please ensure the SSO Connector is configured to use the correct SAML certificate for the identity provider.
Cause:
The identity provider metadata and the SSO connector variable DASHLANE_SSO_SAML_IDP_CERTIFICATE are mismatched.
Sometimes this is caused by the XML file being opened in Internet Explorer (IE), which can add extraneous data when the page is copied from within IE.
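One way to confirm this mismatch before redoing the setup is to compare certificate fingerprints. This is an added example, not Dashlane's own tooling. It assumes the DASHLANE_SSO_SAML_IDP_CERTIFICATE= line holds the same base64 certificate that the metadata publishes in its X509Certificate element; the function names and sample data are constructed for illustration.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

DS_NS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML-DSig namespace used in SAML metadata

def cert_fingerprint(b64_text):
    """SHA-256 of the decoded certificate, ignoring PEM armor and whitespace."""
    body = re.sub(r"-----[A-Z ]+-----", "", b64_text)
    body = re.sub(r"\s+", "", body)
    der = base64.b64decode(body, validate=True)  # raises on stray characters
    if not der:
        raise ValueError("empty certificate value")
    return hashlib.sha256(der).hexdigest()

def metadata_fingerprints(metadata_xml):
    """Fingerprints of every X509Certificate element in the IdP metadata."""
    root = ET.fromstring(metadata_xml)
    return {cert_fingerprint(el.text or "") for el in root.iter(DS_NS + "X509Certificate")}

def configured_certificate(config_text):
    """Value of the certificate line, assuming KEY=value lines in the config file."""
    m = re.search(r"^DASHLANE_SSO_SAML_IDP_CERTIFICATE=(.*)$", config_text, re.M)
    return m.group(1).strip().strip("\"'") if m else ""

def certificate_matches(metadata_xml, configured_value):
    """True when the configured certificate is one the IdP metadata publishes."""
    try:
        return cert_fingerprint(configured_value) in metadata_fingerprints(metadata_xml)
    except (ValueError, ET.ParseError):
        return False  # corrupted copy: invalid base64 or XML that is not well-formed

# Constructed sample data (placeholder bytes, not a real certificate).
SAMPLE_B64 = base64.b64encode(b"constructed-sample-certificate-bytes").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <IDPSSODescriptor><KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
    <ds:X509Certificate>
      {SAMPLE_B64[:20]}
      {SAMPLE_B64[20:]}
    </ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></KeyDescriptor></IDPSSODescriptor>
</EntityDescriptor>"""
SAMPLE_CONFIG = f"DASHLANE_SSO_SAML_IDP_CERTIFICATE={SAMPLE_B64}\n"

if __name__ == "__main__":
    print(certificate_matches(SAMPLE_METADATA, configured_certificate(SAMPLE_CONFIG)))
```

A False result means either the two values are different certificates or one copy picked up extra characters, which is the case the resolution steps address.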
Resolution Steps:
- Redownload the XML metadata from your identity provider.
- Open the XML file using Notepad or another plain text editor.
- Paste the XML data into the Dashlane console
- https://console.dashlane.com > Settings > SAML SSO > Identity provider metadata
- You will not use the newly generated key, but you will need to click 'generate key' to download the config file.
- Download the config file from the Dashlane console.
- In portal.azure.com, go to the Azure app you created – Configuration, and re-paste the DASHLANE_SSO_SAML_IDP_CERTIFICATE= value from the config file you just downloaded into the corresponding value in Azure.
- Click Save.
- Restart the app service.
- Run the test again from the Dashlane console. You should see the below message.
Application with identifier was not found in the directory
Error:
Application with identifier was not found in the directory.
Solution:
Ensure your Entity ID and ACS URLs are exactly as noted in your admin console. This most commonly occurs because the trailing slash on the Entity ID was missed. Ensure there is a slash after saml on the Entity ID on your Enterprise Application:
https://mycompanysso.azurewebsites.net/saml/
Application Error
Error:
If you are the application administrator, you can access the diagnostic resources.
Cause:
This is typically caused when more than one SSO connector encryption key is generated.
Resolution Steps: