Troubleshooting: SSO Login errors
Issue Title: SSO Login is redirecting back to the login page
Description
When using the "Login with SSO" option on the Prolaborate login page, the user is redirected to the SSO site to enter their credentials. After a successful login at the SSO site, the user is redirected back to the Prolaborate login page instead of being logged into Prolaborate.
When the "Login with SSO" option is clicked, the user is redirected to the SSO site's login page.
After selecting the account to log in with, the user is redirected back to the Prolaborate login page.
Possible Reasons
1. Incorrect Attribute Mapping
The issue can occur when the "Attribute Mapping" section on the "SAML Single Sign On" page in Prolaborate is misconfigured.
If the attribute names configured there do not match the attributes that the Identity Provider actually sends in the SAML response, Prolaborate cannot identify the user: the user is not logged in and is redirected back to the Login page instead.
To resolve this, enter matching attribute names in the Attribute Mapping section in Prolaborate and in the Identity Provider configuration.
2. Invalid or Expired .PFX Certificate
Viktor from Huddinge Municipality reported the above error when logging in with SSO.
On checking with the customer, we found that they were using Nexes Hybrid Access Gateway.
The customer had not enabled the SAML 2.0 response, and the attribute mapping was not configured either.
(Screenshots: SAML 2.0 Response; Attribute Mapping)
We asked the customer to configure both and try again, but the issue persisted.
We then asked the customer for the debug logs to investigate the issue further.
On analyzing the logs, we found that the .PFX certificate had expired:
2023-05-09T10:55:37.3695062+02:00 [DBG] (ComponentSpace.Saml2.Certificates.CertificateValidator) The X.509 certificate with subject name CN=Huddinge kommun SAML Signing Key v1, OU=IT, O=Huddinge kommun, L=Huddinge, S=Sweden, C=SE, serial number 00B1D60A998004C5F9 and thumbprint 1482396CC0697C19E63C1CF66724581B4469C841 is being validated.
2023-05-09T10:55:37.3695425+02:00 [DBG] (ComponentSpace.Saml2.Certificates.CertificateValidator) The certificate expired on 2019-11-29 16:05:00.
The highlighted lines show that the certificate (subject CN=Huddinge kommun SAML Signing Key v1) expired on 2019-11-29, years before the login attempt, so certificate validation fails and the user is sent back to the login page.
We asked the customer to install a valid certificate and let us know the result.
The customer confirmed that the issue was resolved after using a valid certificate.
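The expired-certificate cause above can be spotted mechanically instead of by eye. The following script is an added example written for this page, not part of Prolaborate or ComponentSpace: it scans ComponentSpace debug output for a certificate reported as "being validated" followed by "The certificate expired on", and reports the subject, serial, thumbprint and how long ago it expired relative to the log timestamp. The sample input reuses the two log lines quoted above plus two constructed lines, of the same shape but for a fictitious certificate, that represent a certificate which passes; the message text of the last constructed line is invented and is only there to be skipped.

```python
import re
from datetime import datetime

# Sample input: the two lines copied from the debug log above, plus two
# constructed lines (same shape, fictitious certificate and message) for a
# certificate that is not expired, so the scan has a negative case to walk past.
SAMPLE_LOG = """\
2023-05-09T10:55:37.3695062+02:00 [DBG] (ComponentSpace.Saml2.Certificates.CertificateValidator) The X.509 certificate with subject name CN=Huddinge kommun SAML Signing Key v1, OU=IT, O=Huddinge kommun, L=Huddinge, S=Sweden, C=SE, serial number 00B1D60A998004C5F9 and thumbprint 1482396CC0697C19E63C1CF66724581B4469C841 is being validated.
2023-05-09T10:55:37.3695425+02:00 [DBG] (ComponentSpace.Saml2.Certificates.CertificateValidator) The certificate expired on 2019-11-29 16:05:00.
2023-05-09T10:55:38.1000000+02:00 [DBG] (ComponentSpace.Saml2.Certificates.CertificateValidator) The X.509 certificate with subject name CN=sp.example.test, O=Example, C=SE, serial number 01 and thumbprint 0123456789ABCDEF0123456789ABCDEF01234567 is being validated.
2023-05-09T10:55:38.1000500+02:00 [DBG] (ComponentSpace.Saml2.ServiceProvider) Constructed line: processing continues.
"""

# "<timestamp> [LEVEL] (<source>) <message>" as in the lines above.
LINE_RE = re.compile(r"^(?P<ts>\S+) \[(?P<level>[A-Z]+)\] \((?P<source>[^)]+)\) (?P<msg>.*)$")
VALIDATING_RE = re.compile(
    r"The X\.509 certificate with subject name (?P<subject>.+?), "
    r"serial number (?P<serial>\S+) and thumbprint (?P<thumbprint>[0-9A-Fa-f]+) "
    r"is being validated\."
)
EXPIRED_RE = re.compile(r"The certificate expired on (?P<expired_on>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.")


def parse_timestamp(ts):
    """Parse the log's ISO 8601 timestamp. The log carries seven fractional
    digits; datetime.fromisoformat accepts at most six on Python < 3.11, so the
    surplus digits are dropped. The result is made naive because the expiry
    date in the log is printed without an offset."""
    ts = re.sub(r"(\.\d{6})\d+", r"\1", ts)
    return datetime.fromisoformat(ts).replace(tzinfo=None)


def find_expired_certificates(log_text):
    """Return one finding per 'expired on' message, attributed to the
    certificate most recently reported as 'being validated'."""
    findings = []
    current = None  # certificate currently under validation, if any
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        msg = m.group("msg")
        v = VALIDATING_RE.search(msg)
        if v:
            current = v.groupdict()
            continue
        e = EXPIRED_RE.search(msg)
        if e and current:
            expired_on = datetime.strptime(e.group("expired_on"), "%Y-%m-%d %H:%M:%S")
            seen_at = parse_timestamp(m.group("ts"))
            findings.append({
                "subject": current["subject"],
                "serial": current["serial"],
                "thumbprint": current["thumbprint"].upper(),
                "expired_on": e.group("expired_on"),
                "days_expired": (seen_at - expired_on).days,
            })
            current = None
    return findings


if __name__ == "__main__":
    for f in find_expired_certificates(SAMPLE_LOG):
        print(f"EXPIRED {f['days_expired']} days before the login attempt: {f['subject']} "
              f"(thumbprint {f['thumbprint']}, not after {f['expired_on']})")
```

The thumbprint in the finding is the SHA-1 fingerprint of the certificate, so it can be matched against the file the customer actually has installed with `openssl x509 -in idp.cert -noout -subject -enddate -fingerprint -sha1`, or, for a PKCS#12 bundle, `openssl pkcs12 -in sp.pfx -nokeys -clcerts | openssl x509 -noout -enddate`. Whichever side the expired certificate belongs to, the thumbprint tells you which file to replace.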
3. IDP User changed to Registered User
- During a planned upgrade activity for Tenncare, the user George Bikki's account was changed to a Registered User.
- The account was not changed back to an SSO (IDP) user, which caused this issue.
4. Bug in Prolaborate Version 4.4.1
In Prolaborate version 4.4.1, there is a known bug where the "Login with SSO" button redirects back to the login page if a registered user and an IDP user share the same email ID. The bug is fixed in later versions.
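Reasons 1, 3 and 4 above are all conditions that can be checked before a ticket is raised, given the SAML response the IdP sent (obtainable from a browser SAML tracer) and a view of User Management. The script below is an added example written for this page, not Prolaborate code, and it models those conditions rather than Prolaborate's real implementation: it extracts the attributes from a constructed, unsigned SAML response, checks each mapped field against what the IdP actually sent (Reason 1), and then looks the asserted email up in a constructed user store to flag an account that exists as a Registered user instead of an IDP user (Reasons 3 and 4). The mapping field names `email`, `first_name` and `last_name` and the account type labels are assumptions for the example. Signature verification, where Reason 2 fails, is assumed to have already happened; a real SP must verify the signature before trusting any attribute.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed SAML response, trimmed to what this check reads and unsigned.
# This IdP sends attributes under WS-Federation style claim URIs.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">jane.doe@example.test</saml:NameID>
    </saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
        <saml:AttributeValue>jane.doe@example.test</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
        <saml:AttributeValue>Jane</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
        <saml:AttributeValue>Doe</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
"""

# SP-side attribute mapping: field -> attribute Name expected from the IdP.
# The field names are an assumption for this example, not Prolaborate's own.
WRONG_MAPPING = {"email": "mail", "first_name": "givenName", "last_name": "sn"}  # LDAP-style names this IdP never sends
CORRECT_MAPPING = {
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "first_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
    "last_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
}

# Constructed user store with the two account types the page distinguishes.
USERS_REGISTERED = [{"email": "jane.doe@example.test", "type": "Registered"}]
USERS_IDP = [{"email": "jane.doe@example.test", "type": "IDP"}]


def extract_attributes(response_xml):
    """Return {attribute Name: [non-empty values]} from the AttributeStatement."""
    root = ET.fromstring(response_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs[attr.get("Name")] = [v for v in values if v]
    return attrs


def diagnose(response_xml, mapping, user_store):
    """Return a list of (code, detail) findings; an empty list means the
    response and the user store give no reason for the login to bounce."""
    findings = []
    root = ET.fromstring(response_xml)
    if root.find(".//saml:Subject/saml:NameID", NS) is None:
        findings.append(("missing_nameid", ""))
    attrs = extract_attributes(response_xml)
    # Reason 1: every mapped field must be backed by an attribute the IdP sent.
    for field, idp_name in mapping.items():
        if not attrs.get(idp_name):
            findings.append(("missing_attribute", field))
    email_values = attrs.get(mapping.get("email", ""), [])
    if not email_values:
        return findings  # cannot identify the user at all
    email = email_values[0].lower()
    # Reasons 3 and 4: the email resolves to an account that is not an IDP user.
    for user in user_store:
        if user["email"].lower() == email and user["type"] != "IDP":
            findings.append(("account_type_conflict", email))
    return findings


if __name__ == "__main__":
    for label, mapping, users in [("wrong mapping", WRONG_MAPPING, USERS_REGISTERED),
                                  ("registered user", CORRECT_MAPPING, USERS_REGISTERED),
                                  ("idp user", CORRECT_MAPPING, USERS_IDP)]:
        print(label, "->", diagnose(SAMPLE_RESPONSE, mapping, users) or "OK")
```

With the wrong mapping every field is reported missing because the IdP sends claim URIs, not LDAP attribute names; with the mapping corrected the only remaining finding is the Registered account sharing the email, which is the condition Reasons 3 and 4 describe.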
Initial Response
Hi <Customer>,
Thank you for reaching out to Prolaborate Support.
We understand that you are unable to log in with SSO in your Prolaborate instance. We are investigating this issue with our team and will get back to you with an update at the earliest. In the meantime, could you please share the below information to help us with the investigation:
1. A screenshot of the Prolaborate "Single Sign-On" page.
2. A screenshot of the IDP configuration page.
3. The IDP metadata and .cert file.
4. A short video reproducing the issue when clicking the "Login with SSO" button.
5. Also ensure that the '.PFX' certificate (Domain) uploaded to the Service Provider is valid.
Please check and let us know if you have any questions or concerns.
For Reason 3 Response:
Hi George,
Sorry for the inconvenience caused earlier!
Upon further investigation based on the logs, we have identified the problem. The issue was that Tenncare's IAM IDP ID was not rendering properly. We have made the necessary changes to address this issue.
We have double-checked and verified that the problem is fixed and won't come up again.
Could you please check once again to see if everything is working fine now?
For Reason 4 Response:
Hi [Customer Name],
Thank you for your patience.
After conducting further investigation, we have observed from the log file that the user with the email address [INCLUDE EMAIL ID OF THE USER] is already registered in Prolaborate User Management. Due to a bug in Prolaborate version 4.4.1, the system does not allow the addition of duplicate email IDs in Prolaborate User Management. This bug has been addressed and fixed in the latest version of Prolaborate.
To resolve the issue at hand, please follow the steps outlined below:
1. Rename the existing email address associated with [Email ID of the user] and save the changes.
2. We recommend renaming the email address rather than removing the user, to minimize any impact on the section and group configurations.
3. Log in with SSO again from Prolaborate to check whether the login now succeeds.
4. Once logged in, reassign the IDP user to the appropriate user groups, using the registered user (from step 1) as the reference.
If the above steps resolve the issue, we strongly recommend upgrading to the latest version of Prolaborate.
Please try the suggested steps and let us know the outcome.
Thank you.
Tags
invalid certificate, expired certificate, saml issue, nexes SSO, sso redirect login page, Okta sso, Invalid attributes, Attributes mapping