qqq
TroubleshootingInitial

SAML Authentication Errors

Common SAML authentication issues and solutions

SAML Authentication Errors

Invalid Signature

Symptom: SAML Response signature verification failed

Causes:

  • Certificate mismatch
  • Clock skew between systems
  • Response tampering

    • Solutions:

  • Verify IdP certificate:
    • openssl x509 -in idp-cert.pem -text -noout
  • Check clock synchronization:
    • ntpdate -q time.google.com
  • Update certificate in configuration:
    • sso:
  saml:
    idpCertificate: ${IDP_CERTIFICATE}

    Redirect Loop

    Symptom: Endless redirect between app and IdP

    Causes:

  • Session not being created
  • Cookie issues
  • ACS URL mismatch

    • Solution: Verify ACS URL matches IdP configuration exactly.

    About SSO Authentication

    Single Sign-On authentication with SAML 2.0 and OAuth 2.0/OIDC support.

    View Full Documentation
    Powered by qqq