Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

SSO - Error "Access Denied" logging in

Avatar

Avatar
Boost 5
Employee
Kenelson2
Employee

Likes

28 likes

Total Posts

81 posts

Correct Reply

16 solutions
Top badges earned
Boost 5
Boost 3
Boost 25
Boost 10
Boost 1
View profile

Avatar
Boost 5
Employee
Kenelson2
Employee

Likes

28 likes

Total Posts

81 posts

Correct Reply

16 solutions
Top badges earned
Boost 5
Boost 3
Boost 25
Boost 10
Boost 1
View profile
Kenelson2
Employee

22-11-2019

I have seen recently an increase of these kind of cases coming into our support teams. Thought I would address a good way to trouble shoot them:

If you have a user getting "Access Denied" Here is some possible ways to address this:

Possible causes for this error:

  • The first name, last name, or email address being sent in the SAML assertion does not match the information entered in the Admin Console.
  • The user isn't associated to the right product, or the product is not associated with the correct entitlement.
  • The SAML user name is coming across as something other than an email address. All users must be in the domain you claimed as part of the setup process.
  • Your SSO client utilizes JavaScript as part of the login process, and you're attempting to log in to a client that doesn't support JavaScript (such as Creative Cloud Packager).
  • Run a SAML trace and validate that the information being sent matches the dashboard, and then correct any inconsistencies. How to perform a SAML Trace

Hope this helps!

Kerry Nelson