Found another error that we see a lot that I wanted to put check out there for you to know: The error "another user is currently logged in" occurs when the attributes sent in the SAML assertion do not match the email address that was used to start the login process.Check the attributes in the SAML assertion and make sure that they are an exact match to the ID the user is attempting to use, and also an exact match with the Admin Console. - How to perform a SAML Trace Chances are the Email address...

I have seen recently an increase of these kind of cases coming into our support teams. Thought I would address a good way to trouble shoot them:If you have a user getting "Access Denied" Here is some possible ways to address this:Possible causes for this error:The first name, last name, or email address being sent in the SAML assertion does not match the information entered in the Admin Console.The user isn't associated to the right product, or the product is not associated with the correct enti...

Let's talk about Brand Portal setups. I have seen an increase on the usage of Brand Portal. Which is Awesome! When you setup your Single Sign on for the Cloud this is for all products. One of the things that I would like you to factor in is if you intend to use Brand Portal. Brand Portal requires that you use the binding of RE-DIRECT rather than using HTTP-POST. If it is configured without using RE-DIRECT chances are your Brand Portal will not work. Simple configuration adjustment in the Admin C...

For those of you have wondered what happens when a Cloud gets untrusted? Let me answer that for you. If you have a domain that is trusted to the other Cloud and for some reason someone decides to untrust that Cloud. The Cloud that is trusted domain access gets revoked. But what is worse is that users that are associated with that domain are removed. So it is very important that you do not untrust a domain from another Cloud unless both parties have agreed on this. Because this will cause some se...

We understand the need to want to improve your current setups in the Admin Console. Sometimes that is because of new mandates that require you to get off of using Adobe IDs and move to Federated Ids or Enterprise Ids. In the forums I have covered the how do I create an Single Sign On setup. But how do you convert the users that are already in the Cloud? If you have users that are in the Cloud already and you need them moved for now the answer is to reach out to Client Care support teams. We can ...

Recently Adobe released this new feature where you can upgrade to using a SHA-256 configuration in the Admin console.First question that I always get asked: How can I tell if don't already have a SHA-256 setup? Great questions! As of November 14th 2019 any directories created at this point in the Admin console would automatically be SHA-256. So chances are if you are looking to renew your cert, or want to move the this new setup that you are going to want to do one of two options. For those of y...

I have recently seen many of our clients trying to configuration Azure with the Admin console. So I wanted to a few minutes and share some tips that might make this process a little bit more clearer on your setup. Here is the documentation for this configuration:Configure Microsoft Azure for use with Adobe SSOSetup on the document is really straight forward. The part though that I am seeing some of the struggle with is how do I create the User groups and make that equal User permissions?As we kn...

I recently had the pleasure of speaking to a client about how to setup our Single Sign On configuration. And the commit was mentioned to me that our documentation on how to configure our Single Sign on setups is hard to find. So I wanted to see if I could make that easier for some of you looking to do Single Sign on for your Clouds. Here is the current list of current setups that we have and their links to how to do them:Enabling Single Sign-On with SAML - Adobe SignConfigure Microsoft AD FS for...

Good afternoon! Noticing a few requests seem to be coming in recently regarding User permissions and understanding the roles in the Admin console so I wanted to direct your attention to this document as it explains the roles quite well:Administrative roles Here is a break down of what each permission in the Admin console actually gets. Seems lately there has been come confusion about that that I have seen so I wanted to share with you this nifty chart to better explain how it works.Hope this hel...