Expand my Community achievements bar.

Latest Community Ideas Review is Out: Discover What’s New and What to Expect!
SOLVED

SSO log in issues

Avatar

Level 4

Anyone else having loads of workers not letting them log in? They're getting the attached error, over the last few days. 

 

I believe it's a SSO issue, but anyone know why / where its coming from as it's only some users?

 

Thank you!

1 Accepted Solution

Avatar

Correct answer by
Level 4

Hi all,

 

FYI - Sharing incase this is helpful to anyone else in the future.

 

It turns out it's an IT related issue with a software transfer to a new tool which changed everyone's user names/ logins from caplocks letter to non-cap lock letters impacting users to being able to log in.

 

 

 

 

View solution in original post

11 Replies

Avatar

Level 10

Hi,

Once SSO implemented, the user has to go via SSO. Add / pull Workfront icon in SharePoint or your other login domain -->then update credential from outlook / office. Once you click Workfront icon, the user login is possible.

Kundanism_1-1692613325272.png

 

Avatar

Level 4

thanks for your reply. but it's been working for 6+ months and just today suddenly many users are having log in issues. what would be the cause? the SSO has already been implemented

Avatar

Level 10


Hi,

I believe they must use SSO exclusively. The IT department can configure two different login methods: one via SSO and the other via the normal website login. It appears that they have transitioned to having only SSO as the login option for rest of users. It seems the other option has been removed. It's possible that these changes have been recently implemented, leading many users to encounter errors when trying to log in through the normal login page on Workfront.

Avatar

Community Advisor

@Jaxelle 

Did you receive a message from Adobe that your SSO Certificate needs to be updated and did you do that? I'm not sure if everyone's certificate needs to be updated at the same date or if there's some buffer time built into the deadline they provided us, but ours was due Aug. 13. It's generally a yearly process to be updated, but if everyone's due at the same time you might hit it even if you've only been using SSO a few months.

 

We had received the following message:

The Adobe Workfront SAML 2.0 security certificate has been replaced with a new certificate. 

To ensure uninterrupted Workfront services for your users, please consult your organization's IT/SSO team to confirm whether the Workfront signing certificate is being used by your SSO provider:

For additional information, or for assistance with the manual configuration of metadata, contact Workfront Support.

Avatar

Level 4

Hello,

 

Yes I did, and I did update it, but it's just weirdly locked out 15+ people (not everyone) so if it was a certificate issue it would likely impact everyone.

Avatar

Community Advisor

I wonder if maybe some of your users could try clearing cookies and cache to see if that solves it?

Avatar

Community Advisor

The first place I'd look is on the user profile in the edit mode:

Screenshot 2023-08-21 at 8.17.38 am.jpg

Post back and let us know what it says.

Avatar

Level 4

yes this is all ticked for all the users. thank you

Avatar

Community Advisor

I came here to post this solution

 

If your users do not have "Only allow SAML" they will also be prompted with a login screen when their activity times out - this can be very confusing if the user does not know to edit the URL to remove the "/login" part.

Avatar

Community Advisor

Without knowing your specifics on the steps you use to access Workfront, it could be hard to troubleshoot. The steps I usually take when users are having access issues are:

 

1) Are they going through the SSO platform to get access or are they going directly to a URL to login

2) is the SSO email properly formatted in Workfront

3) Did they somehow lose access through your SSO platform?

 

If all those scenarios don't help, I typically work with my internal IT team that manages our SSO platform to help me troubleshoot. 




Avatar

Correct answer by
Level 4

Hi all,

 

FYI - Sharing incase this is helpful to anyone else in the future.

 

It turns out it's an IT related issue with a software transfer to a new tool which changed everyone's user names/ logins from caplocks letter to non-cap lock letters impacting users to being able to log in.