SAP Knowledge Base Article - Public

3240859 - User unable to use SAML auth (On Premise)

Symptom

One of our users is unable to log on using SAML authentication. Their screen bounces between the login screen and the SAML auth screen in a loop. 

Our SAML team took a look at the logs and saw that the SAML response seems to be as expected.

Resolution

Obtain the SAML response together with the results of the SQL query 'SELECT * from externaluserinfo3'.

Compare the SAML response with the SQL results. Typically, if a name change occurred, there may be a mismatch between the SAML response and the SQL query results, for example:

<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">XXXXXX</saml:NameID>

Compare this NameID value with column D (NameID) of the SQL query results.
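
The comparison described above can be scripted. The following is an added example, not SAP's code: it assumes the SAML response is available as the Base64 value of the SAMLResponse form field and that the SQL results were exported to CSV with a header row. It goes slightly beyond the name-change case by also flagging values that differ only in case or whitespace; the sample addresses and the headers of columns A to C are constructed placeholders.

```python
import base64
import csv
import io
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
NAMEID_COLUMN = 3  # column D (NameID), as referenced in this article


def extract_name_id(saml_response_b64):
    """Return the Subject NameID text from a Base64-encoded SAML response."""
    xml_bytes = base64.b64decode(saml_response_b64)
    # A SAML response never needs a DTD; refuse one instead of expanding entities.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("unexpected DTD in SAML response")
    node = ET.fromstring(xml_bytes).find(".//saml:Subject/saml:NameID", NS)
    if node is None or not (node.text or "").strip():
        raise ValueError("SAML response carries no NameID")
    return node.text


def stored_name_ids(csv_export):
    """Read column D from a CSV export of the SQL results (first row = header)."""
    rows = list(csv.reader(io.StringIO(csv_export)))[1:]
    return [row[NAMEID_COLUMN] for row in rows if len(row) > NAMEID_COLUMN]


def compare(name_id, stored):
    """Classify the SAML NameID against the stored values."""
    if name_id in stored:
        return ("match", name_id)
    key = name_id.strip().casefold()
    for value in stored:
        if value.strip().casefold() == key:
            return ("near_match", value)  # differs only in case or whitespace
    return ("no_match", None)


# Constructed sample data; addresses and the headers of columns A-C are placeholders.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion><saml:Subject>'
    '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">'
    "jane.newname@example.com</saml:NameID></saml:Subject></saml:Assertion></samlp:Response>"
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()
SAMPLE_CSV = "col_a,col_b,col_c,NameID\n1,x,y,jane.oldname@example.com\n2,x,y,bob@example.com\n"

if __name__ == "__main__":
    found = extract_name_id(SAMPLE_B64)
    print(found, compare(found, stored_name_ids(SAMPLE_CSV)))
```

A "no_match" result for a user whose name recently changed corresponds to the mismatch this article describes.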

Keywords

KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To

Product

SAP Signavio Process Manager all versions ; Signavio Process Manager all versions