On this page you will find common errors associated to the configuration of Single Sign On. Please find your solution based on the error code.

If your error is not listed on this page, please double check the configuration steps on Configuring Single Sign On. If you need more help please contact [email protected]

Problem

The SAML request does not contained a signed response

Solution

To be resolved by: client side - Azure administrator

Set Signing Option to 'Sign SAML response and assertion'

Problem

User is not assigned to the Azure Application Registration

Solution

To be resolved by: client side - Azure administrator

Add user, or user group, to the Application Registration

More information: Error AADSTS50105 - The signed in user is not assigned to a role for the application. - Active Directory | Microsoft Docs

Problem

Reply URL is incorrectly configured

Solution

To be resolved by: client side - Azure administrator

Configure correct Reply URL following the specification in Configuring Single Sign On (please note the different URLs between Test and Production)

More information: Error AADSTS50011 - The reply URL <reply URL sent> specified in the request does not match the reply URLs configured for the application <GUID>.... - Active Directory | Microsoft Docs

Problem

Return URL is incorrectly configured

Solution

To be resolved by: client side - Azure administrator

Configure correct Redirect URL following the specification in Configuring Single Sign On (please note the different URLs between Test and Production)

More information: Error AADSTS50011 the redirect URI not match the redirect URIs configured for the application - Active Directory | Microsoft Docs

Problem

A required claim is missing

Solution (Azure AD)

To be resolved by: client side - Azure administrator

The 'Claim name' does not match the specification in Configuring Single Sign On