Troubleshoot SSO configuration
  • 07 Mar 2025
  • 1 Minute to read
  • PDF

Troubleshoot SSO configuration

  • PDF

Article summary

About

This guide provides step-by-step instructions to help troubleshoot Single Sign-On (SSO) login issues for Sanas. Follow the applicable steps to diagnose and resolve problems quickly.

Before You Begin

  • You must have administrator privileges for both your Identity Provider (IdP) account and the Sanas Admin Portal to complete these troubleshooting steps.

  • This guide assumes that SSO has already been configured in the Sanas Admin Portal/ Desktop App. If SSO is not yet set up, refer to the Configure SSO on Admin Portal or Configure SSO on Desktop Application guides for initial setup instructions.

Troubleshooting Steps

  1. Verify SSO Configuration in Okta

    1. Log in to your Okta account.

    2. From the Okta Dashboard, navigate to Applications > Applications.

    3. Locate and open the SAML application you created for Sanas.

  2. Review SAML Settings

    1. On the Settings tab, review the following:

      • Sign-in URL: Ensure this matches the Reply URL configured in the Sanas Admin Portal.

      • X.509 Signing Certificate: Confirm that the uploaded certificate in Sanas matches the one provided by Okta. Verify SAML values

  3. Confirm attributes mappings

    1. Select the Mappings tab (attribute mapping section).

    2. Verify that the following attributes are correctly mapped:

      • username: user.login

      • name: user.firstName + " " + user.lastName

      • (Optional) sanasTeam: user.sanasTeam

      • sanasUserType:  user.sanasUserType
        Review attributes mapping

    3. Correct any mismatched attributes and save the changes if needed.

  4. Review Failed Login Attempts (Optional)

    If users are reporting login failures, review the logs in Okta:

    1. Navigate to Monitoring > Logs.

    2. Review the details to identify potential causes such as:

      • User not assigned to the Sanas app.

      • Attribute mismatch.

      • Expired or invalid certificate.

      • Incorrect SAML endpoint.

Need Help?

Need help? get in touch with our Support Team.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.