SAML Login: Invalid Token Error [PingID] | Community
Skip to main content
Mahedi_Sabuj
Community Advisor
Mahedi_SabujCommunity Advisor
Community Advisor
October 3, 2023
Solved

SAML Login: Invalid Token Error [PingID]

  • October 3, 2023
  • 1 reply
  • 929 views

We are in the process of integrating SAML login using SAML Handler for one of our websites. The login process works correctly at the SAML provider (PingID) end. However, once redirection to our AEM site, we encounter an "invalid token" error at this URL: 
https://aem-community.com/libs/granite/core/content/login.error.html?j_reason=invalid_token.

Upon investigating the error logs, we came across the following error:
org.apache.sling.auth.core.impl.SlingAuthenticator doLogin: Cannot login: Response already committed

Can anyone guide us how to resolve the issue?

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by EstebanBustamante

    Can you expand on what it means "the login process works correctly", does it mean that you are logged in but it is just not redirecting to a valid page? Also, did you check these posts? https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/com-adobe-granite-auth-saml-samlauthenticationhandler-saml-error/td-p/325015 

    https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/saml-aem-infinite-loop/td-p/191177

    1 reply

    EstebanBustamante
    Community Advisor and Adobe Champion
    EstebanBustamanteCommunity Advisor and Adobe ChampionAccepted solution
    Community Advisor and Adobe Champion
    October 3, 2023

    Can you expand on what it means "the login process works correctly", does it mean that you are logged in but it is just not redirecting to a valid page? Also, did you check these posts? https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/com-adobe-granite-auth-saml-samlauthenticationhandler-saml-error/td-p/325015 

    https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/saml-aem-infinite-loop/td-p/191177

    Esteban Bustamante
      Mahedi_Sabuj
      Community Advisor
      Mahedi_SabujCommunity AdvisorAuthor
      Community Advisor
      October 4, 2023

      Hi @estebanbustamante,

      "The login process works correctly" means SAML provider (PingID) response SAML attributes as expected. Issue seems related to the certificate stored in the truststore. We may need to delete and re-upload the new idp_cert as recommended here https://experienceleague.adobe.com/docs/experience-cloud-kcs/kbarticles/KA-17476.html.

       

      Mahedi Sabuj
      Terms & ConditionsAccessibility statement

      Loading footer...