Topic by Jarel Birck da Silva
Hello all,
A customer wants to use the Agent Desktop SSO with SAML 2.0. They are using ADFS Identity Provider that supports such protocol.
I did all the parameterizations contained in the documentation:
- Opened an Incident to enable to SSO functionality.
- Configured a Profile and a Staff Account to login using SSO credentials.
- Set the SAML_20_SIGN_CERT Configuration setting with the SHA-1 hex thumbprints
- Uploaded the certificate to Additional Root Certificates (certs/root/) directory in the File Manager, since it is self-signed.
- Set the SAML_ERROR_URL Configuration Setting to /app/error/%error_code%
Since we are using the Account Logon to check the credentials, I informed the following URL to the IdP implementer: https://[site]/cgi-bin/[interface].cfg/php/admin/sso_launch.php?p_subject=Account.Login
However, the responsible for the IdP implementation side said to me that they did everything as instructed on the documentation and the SSO is not working. When they authenticate on IdP with the same Account login that I configured on RightNow they received the following error: SSO Login Failed
That is the only message that they are receiving and, what is worst, they are not getting redirected to the /app/error/%error_code% URL that I configured in SAML_ERROR_URL.
Explaining this, here is my points:
- There are any other configurations that I must do?
- The SAML_ERROR_URL setting works only for Customer Portal SSO?
- There is another place to look for the possible reason why the SSO login is failing? I don't know, a system log or something like that?
Regards,