Known Issues – SAML SSO
Q1: SSL (.pfx) certificate password validation in SAML Sign On page
Description
1. We encountered a problem with the Prolaborate SAML settings page when investigating an issue for Zabka.
2. The SSL (.pfx) password is not being validated in the SAML settings page.
3. In the below screenshot I have entered an incorrect password and when I click the Save button, a message is displayed saying "SAML Settings Updated Successfully!".
4. This was replicated in the Prolaborate V4.4.2.11.
Workaround
1. Based on the inputs from Product Team, there is no field validation for the certificate password field. Hence no error message is displayed when an incorrect password is entered.
2. As workaround, we must refer the SAML error logs to find out the errors in certificate password validation.
Reference
Ticket ID: #2760
Subject: ODP: Subscription Expiry
Department: Prolaborate Support
URL: https://desk.zoho.com/agent/sixthforcesolutions/prolaborate-support/tickets/details/759413000010282289
Department: Prolaborate Support
URL: https://desk.zoho.com/agent/sixthforcesolutions/prolaborate-support/tickets/details/759413000010282289
Ticket ID: #3992
Subject: SSL certificate (.pfx) password is not being validated on the SAML Settings page.
Department: Prolaborate Support
URL: https://desk.zoho.com/agent/sixthforcesolutions/prolaborate-support/tickets/details/759413000014599021
Subject: SSL certificate (.pfx) password is not being validated on the SAML Settings page.
Department: Prolaborate Support
URL: https://desk.zoho.com/agent/sixthforcesolutions/prolaborate-support/tickets/details/759413000014599021
Q2: SAML Group Configuration error
Description
The customer reported configuring the SAML Group in Prolaborate.
First response – Troubleshooting Steps
(This is the initial Mail to the customer)
Please check the following steps to integrate your SAML groups with the Prolaborate user groups using SAML configuration:
- Groups with associated users are required to be created in your IDP provider.
- Then in Prolaborate we have to create the number of groups respectively to your IDP groups.
- Then create the respective profile in the Acess control profile menu to configure the role bases access in the Prolabrate SAML application.
- On the 'Create Access Control Profile' page, define the appropriate user groups to automatically allocate the correct users from the SAML groups
- Refer to this link for more information on the Access Control Profile menu.
- Once the above step is completed, we have to link the SAML User Groups to the respective Profiles.
- Kindly check this link for more information on Link Role-based access directly with the SAML user Groups.
Remediation
This can only be resolved by the L2 Team
Escalation Contact
This can be L2 team
Reference
Ticket ID: #3127
Subject: Questions about SAML, Teams integration : Retraite Quebec (RQ) client
Department: Sparx Platform Support
Q3: "Access denied" error when clicking SSO in Prolaborate.
Description
The customer reported being unable to access Prolaborate. When clicking the SSO, they encountered an "access denied" error in Prolaborate.
Possible Reason
As confirmed by the Dev team, the access denied error occurs during the machine scale-up (auto-scaling environment) when users click login with SSO at that time. it will automatically resolved once the scale-up is completed.
Workaround
If the issue may have occurred due to an old certificate being uploaded in the SAML group, but if the certificate is valid and the issue still persists, please inform the customer to reconfigure the SAML group and restart the customer environment on our side.
Reference
Ticket ID: #9637
Subject: Unable to access the environment
Department: Sparx Platform Support
Q4: SAML SSO Login is redirecting back to the login page
Description
When using the “Login in with SSO” option in the Prolaborate login page, the user is redirected to the SSO site for Login credentials. After successful login in to the SSO site, Prolaborate is redirected back into the Login page instead of logging into Prolaborate.
Possible Reason
1. Incorrect Attribute Mapping
The issue might occur due to the misconfiguration of the “Attribute Mapping” sections in the “SAML Single Sign On” page of the Prolaborate. If there are any errors in the attribute mapping, the users are not logged into the Prolaborate instead they are redirected back to the Login page. this issue can be solved by entering the appropriate attributes in the Attribute mapping section in both Prolaborate and the Identity Provider page.
2. Bug in Prolaborate Version 4.4.1
In Prolaborate version 4.4.1, there is a known bug where the login with SSO button redirects to the login page if a registered user and an IDP user share the same email ID.
3. License could be fully occupied at User and license management.
The login issue may also arise if all available licenses are fully occupied in the User and License Management section.
Note: As of Prolaborate version 5.2 there is no valid error message for this issue when user tries to login, however created an internal ticket for that ticket no: 10733 so for latest update check this ticket.
Reference
Ticket ID: #10719
Subject: Ravi (Login issue)
Department: Sparx Platform Support
URL: https://desk.zoho.com/agent/sixthforcesolutions/sparx-platform-support/tickets/details/759413000039788029
Tags
pfx certificate password ,password ,saml ,saml group configure ,sso group, sp certificate ,ssl password validation , access denied error, SSO access denied, SAML SSO Login is redirecting back to the login page, unable to logging in. Related Articles
SAML SSO Login is redirecting back to the login page
Troubleshooting: SSO Login errors Issue Title: SSO Login is redirecting back to the login page Description When using the “Login in with SSO” option in the Prolaborate login page, the user is redirected to the SSO site for Login credentials. After ...Prolaborate Cloud - Domain Name Change & SSO SSL Certificate Handling
Changing the Domain Name in Prolaborate Cloud Environment If your organization is moving to a new domain (e.g., from @old-domain.com to @new-domain.global) and you're using Prolaborate Cloud, follow these steps for a seamless transition. What Does a ...Prolaborate Access Control & SSO
This document consolidates information from customer reported issues and FAQs related to Prolaborate’s Access Control Profiles, SAML Single SignOn (SSO) configuration, readonly access, and a known login issue after license changes. It is intended to ...FAQ's - SAML SSO
Q1: After the Prolaborate upgrade, Single Sign-On (SSO) was unable to launch, and an "Access denied" error is displayed. Answer This issue may have arisen due to a glitch in the system. To remedy this, please follow these steps: Reconfigure the SAML ...Prolaborate Active Directory Troubleshooting and Known Issues
This consolidated document summarizes the customer‑reported issues related to setting up Active Directory (AD) with Prolaborate. The goal is to help support teams and automated systems (e.g., Zoho Desk) identify known problems and guide customers ...