LATEST VERSION: 1.7 - RELEASE NOTES
Single Sign-On v1.7

Troubleshooting

This topic describes how to resolve common errors that arise when configuring a single sign-on partnership between Azure Active Directory (AD) and Pivotal Single Sign-On (SSO).

Failed Login

Symptom:

You cannot log in to your SSO plan.

Solutions:

  • Pivotal recommends using a different browser or deleting your browser cache and history before you log in to your SSO plan. Your SSO plan can fail if you are already logged in to Azure AD as the Global Administrator account that was used to set up all the configurations.

  • If your login fails more than five times, Azure locks your account for 30 minutes. There is currently no way to unlock an account in Azure AD, so wait for the lockout period.

  • Pivotal recommends testing your SSO plan from Azure AD to see the contents of the SAML assertion. For more information, see Test Your Configurations in Azure AD.

App ID Not Found

Symptom:

Azure app id

Explanations:

  • The App ID URI is misconfigured on Azure AD.

Reply URL Does Not Match

Symptom:

Azure reply url

Explanation:

  • The Reply URL is misconfigured on Azure AD.

Missing Name ID

Symptom:

Azure missing nameid

Explanation:

Create a pull request or raise an issue on the source for this page in GitHub