Please find the list of frequently asked queries in SAML

1. I have enabled SAML but still could not find a way to log in using SAML

Since the application has multi-tenant feature there are certain security added to the SAML login. In a SAML configuration, if only one account is assigned, then SAML SSO will work only when the application is accessed via the Account-Specific URL and not the default URL. 

If Mark as Default SAML configuration is enabled, then SAML SSO will work with the default URL. However, the SAML configuration will apply for all accounts. 

2. When a new user logs into the application using SAML, how will it work?

The application matches the application username with the SAML username, when it matches the existing user is overridden, if it does not a new user will be created which we call it Dynamic User Addition

If Mark as Default SAML configuration is enabled then the dynamic user addition will not work, since the application does not know which account the user belongs to. 
If SAML is configured to a specific account, then Dynamic User addition will work, the user present in iDP will be created as a user in SDP-MSP

3. A user is unable to login dynamically, receiving Error code 60

If the name ID format is set to Email Address, then the dynamic user addition does not work. The reason is, dynamic user addition looks up the email address field and in MSP, the uniqueness of a user is based on the loginname. If user login via dynamic user addition, opt for other name id format. 
                  New to ADManager Plus?

                    New to ADSelfService Plus?

                      • Related Articles

                      • Startup issue in Linux after fresh installation_Error code 10001

                        In certain scenario, the application cannot be started just after the fresh install. Below are the error traces, [06:24:57:427]|[10-11-2021]|[pglog]|[INFO]|[18]: -sh: 1: /root/ManageEngine/ServiceDeskPlus-MSP/pgsql/bin/pg_ctl: Permission denied| ...
                      • Unable to configure SAML using OneLogin -Uploaded Certificate is Invalid

                        Upon configuring SAML, if you come across the below errors: Uploaded Certificate is Invalid (Happens with .PEM cert generated in OneLogin) failed to update IdP details. Check logs for details Verify the below trace in the Logs: ...
                      • Configuring SAML with ADFS

                        Step 1: Open the ADFS management application Step 2: Right-click Relying Party trust and choose Add Relying Party Trust. The Add Relying Party Trust Wizard opens. Step 3: Choose Claims Aware and click Start Step 4: Choose Enter data about the relying ...
                      • Configuring SAML with Azure (New)

                        Step 1: Open the Azure Portal--->Enterprise Applications. Step 2: Select the created Enterprise Application and get started with Set up Single Sign-On. Step 3: Edit the basic SAML Configuration. Step 4: Copy the Entity ID from SDPMSP and place the ...
                      • "invalid color code:undefined" error in chrome browser

                        This is possible because some extensions in the browser are interfering with the application. Open an incognito window. Disable all the browser extensions and check if that fixes the issue. Then, try enabling the extensions one by one until the issue ...