
WSS Agent with SAML authentication enabled displaying 404 page not found message instead of IDP login page


Article ID: 213452


Updated On:


Web Security Service - WSS


WSS Agent enabled with SAML authentication

When the user enables the WSS Agent, a popup appears on the screen with a 404 status code, and the user has no option to enter credentials.



If the user moves the popup to the side, opens a browser and manually browses to, the SAML IDP server login page is presented and the user can log in.


The Microsoft Defender client firewall is blocking requests to the SAML endpoints (the WSS SAML SP and the Azure SAML IDP server in this case).


Windows 10 workstation

WSS Agent 7.3.1

Microsoft Defender firewall enabled


Whitelist all WSS Agent executables in Microsoft Defender so that their requests are allowed through:

- C:\Program Files\Symantec\WSS Agent\wssad.exe
- C:\Program Files\Symantec\WSS Agent\wssa-ui.exe
- C:\Windows\System32\WWAHost.exe

WWAHost is the process that presents the SAML login popup and sends the requests needed to handle communication with the IDP server (, as well as the IDP server domains).

You can also whitelist the IP addresses of these hosts if you want to avoid doing it at the application level.
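The application-level whitelist above can be scripted as follows. This is an added example, not part of the original article; it assumes the firewall is the local Windows Defender Firewall managed with the built-in NetSecurity cmdlets, and the rule names are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumes Windows Defender Firewall is managed locally (not
# overridden by Group Policy/MDM). Rule display names are hypothetical.
$programs = @(
    'C:\Program Files\Symantec\WSS Agent\wssad.exe',
    'C:\Program Files\Symantec\WSS Agent\wssa-ui.exe',
    'C:\Windows\System32\WWAHost.exe'
)

foreach ($path in $programs) {
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "Not found, skipping: $path"
        continue
    }

    # Block rules take precedence over allow rules, so report any enabled
    # block rule that already targets this binary before adding an allow.
    $blocking = Get-NetFirewallApplicationFilter -Program $path -ErrorAction SilentlyContinue |
        Get-NetFirewallRule |
        Where-Object { $_.Action -eq 'Block' -and $_.Enabled -eq 'True' }
    foreach ($rule in $blocking) {
        Write-Warning "Existing block rule for ${path}: $($rule.DisplayName)"
    }

    $name = "WSS SAML allow - $(Split-Path -Leaf $path)"   # hypothetical naming scheme
    if (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue) {
        Write-Output "Rule already present: $name"
        continue
    }

    # Outbound allow scoped to the executable. WWAHost.exe hosts other
    # Windows web apps as well, so add -RemoteAddress with the SAML SP/IDP
    # addresses if the exception should be narrower.
    New-NetFirewallRule -DisplayName $name -Direction Outbound `
        -Program $path -Action Allow -Profile Any | Out-Null
    Write-Output "Created: $name"
}
```

If a block rule is reported, the allow rule alone will not restore the SAML popup; the block rule has to be disabled or narrowed first.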


Screenshot of Defender configuration: shows the IP address changes, and is also where the application bypass will go.