SAML FAQ's

Below is a list of frequently asked questions about SAML.

1. I have enabled SAML but still cannot find a way to log in using SAML

Because the application is multi-tenant, certain security restrictions are applied to the SAML login. If only one account is assigned to a SAML configuration, SAML SSO will work only when the application is accessed via the Account-Specific URL and not the default URL.

If Mark as Default SAML configuration is enabled, then SAML SSO will work with the default URL. However, the SAML configuration will then apply to all accounts.

2. When a new user logs into the application using SAML, how will it work?

The application matches the application username against the SAML username. If they match, the existing user is overridden; if they do not, a new user is created. This is called Dynamic User Addition.

If Mark as Default SAML configuration is enabled, then Dynamic User Addition will not work, since the application does not know which account the user belongs to.
If SAML is configured for a specific account, then Dynamic User Addition will work: the user present in the IdP will be created as a user in SDP-MSP.

3. A user is unable to log in dynamically, receiving Error code 60

If the name ID format is set to Email Address, then dynamic user addition does not work. The reason is that dynamic user addition looks up the email address field, whereas in MSP the uniqueness of a user is based on the loginname. If users log in via dynamic user addition, opt for another name ID format.
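A pre-check for the case in question 3, added here as an example (it is not ManageEngine code): it decodes a captured base64 SAMLResponse and reports whether the IdP sends the NameID in Email Address format. The function names are hypothetical, the sample responses are constructed and unsigned, and the assertion is assumed to be unencrypted.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"


def inspect_name_id(saml_response_b64):
    """Return (format, value, ok) for the NameID in a base64 SAMLResponse.

    ok is False when the format is Email Address, the setting question 3
    links to Error code 60 during dynamic user addition.
    """
    xml_bytes = base64.b64decode(saml_response_b64)
    # A SAML message never needs a DTD; refuse one rather than parse it.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("unexpected DTD or entity declaration")
    root = ET.fromstring(xml_bytes)
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None:
        raise ValueError("no saml:NameID found (assertion may be encrypted)")
    # A NameID without a Format attribute is treated as 'unspecified'.
    fmt = name_id.get("Format", UNSPECIFIED)
    return fmt, (name_id.text or "").strip(), fmt != EMAIL_FORMAT


def constructed_response(fmt, value):
    """Build a constructed, unsigned sample response for the demo below."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        "<saml:Assertion><saml:Subject>"
        f'<saml:NameID Format="{fmt}">{value}</saml:NameID>'
        "</saml:Subject></saml:Assertion></samlp:Response>"
    )
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    samples = [(EMAIL_FORMAT, "jdoe@example.com"), (UNSPECIFIED, "jdoe")]
    for sample_fmt, sample_value in samples:
        fmt, value, ok = inspect_name_id(constructed_response(sample_fmt, sample_value))
        status = "OK" if ok else "WARN: Email Address format"
        print(f"{status}: NameID={value!r} Format={fmt}")
```

This only reads the NameID for troubleshooting; it does not verify the response signature and is not a substitute for the application's own validation.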
