Troubleshooting

Warning: Pivotal Single Sign-On v1.11 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

This topic describes how to resolve common errors that arise when configuring a single sign-on partnership between Google Cloud Platform (GCP) OpenID Connect (OIDC) and Pivotal Single Sign‑On.

Symptom:

Dialog box says welcome to Example, Email,
    Password and fields and a sign-in button.

Explanation:

  • Incorrect or unavailable discovery URL. No link will appear on the login page.

No OAuth Client Found

Symptom:

Gcp no client

Explanation:

  • Incorrect OAuth Client ID configured.

Unauthorized

Symptom:

Gcp unauthorized

Explanation:

  • Incorrect OAuth client secret configured.

Redirect URI Mismatch

Symptom:

Gcp mismatch

Explanation:

  • Incorrect authorization redirect URI on OAuth Client.

Empty Username

Symptom:

Gcp empty

Explanation:

  • user_name attribute was not mapped to email.

Unable to map claim to a username

Symptom:

Gcp empty

Explanation:

  • The scope for “email” was not configured. Select the “email” scope in your identity provider configurations.