cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAC SAML Okta Integration

Go to solution
vitran23
Active Participant

on ‎08-26-2020 12:57 AM

0 Kudos

We are currently going through the setup with SAC and Okta. The issue I’ve ran into is when trying to save my SAML info I get a red box error around the user id box with no information on why it’s incorrect. Now I’m assume the issue could be that currently the User ID does not match what we use in our AD.


is it possible to have SAP update the user id’s? Would want to avoid deleting and recreating the users since the content would have to be moved.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

vitran23
Active Participant
‎10-21-2020 3:46 PM
0 Kudos

Well it seems like the issue was when we initially setup our SAC account it was caching the email. SAP had to clear the cache and we had to go through the SAML verification process again which we wanted to use Domain names and it finally worked.


If you run into issues and the verification process doesn't work then that is more than likely the issue and you need to get SAP involved to clear the cache on SAC. They stated it's a known issue and its' in the pipeline to get fixed.

Show replies
Show replies

Answers (4)

Answers (4)

mfoeken
Active Contributor
‎08-26-2020 11:55 AM

Hi Vi,

I don't believe it's possible that SAP support updates the username in SAC. Can you check your SAML assertion via the SAML tracer in the browser and compare to doublecheck if there is a mismatch?

Kind regards,

Martijn van Foeken | Interdobs

Show replies
Show replies
JefB
Active Contributor
‎08-26-2020 7:13 AM

For us it started working when choosing 'Custom SAML User Mapping' in the User Attribute dropdown. Maybe because of some uppercase/lowercase mismatch with the userid's.
See here: https://launchpad.support.sap.com/#/notes/2824009
and here: https://launchpad.support.sap.com/#/notes/2656152

Show replies
Show replies
former_member8403
Advisor
Advisor
‎09-01-2020 2:15 PM
0 Kudos

vitran23 Please add this addon in Chrome then check what is being done while you authenticate the user (verification part): https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace

Please look for a nameid in the result responses of the Chrome Dev Tool's SAML tab. The NameID there will then match or not with the provided saml mapped user in the idp.

Either or if you look for support also share your findings incl this thread with support team as they should be able to help or guide you further (but certainly with lower priority).

Show replies
Show replies
vitran23
Active Participant
‎09-01-2020 3:41 PM

Thanks for the additional information. I'm working with SAP Support now to walk through what the issue is since I've followed all the guides that I found and it's still not letting me save properly even though the NameID from the IDP matches what I have setup inside of SAC.

former_member8403
Advisor
Advisor
‎09-02-2020 11:39 AM
0 Kudos

great, share your outcome pls

vitran23
Active Participant
‎08-26-2020 12:58 PM
0 Kudos

Well I can't even get it to save my SAML configuration to even test it. When I try saving the box that populates with the User ID turns red with no explanation on the error other than it's a error and I can't save it.

The unknown is if I do get it to save and can't get back into the admin, what's the backdoor to get back in and fix it?

Show replies
Show replies
Ask a Question