search cancel

WSS and SEP Cloud integration with SAML Authentication Window is coming as Blank


Article ID: 253444


Updated On:


Web Security Service - WSS


WSS integrated with SEP Web and Cloud Access protection running in TUNNEL mode.

Users running the SEP agent get blank screen instead of SAML login page as soon as the tunnel is started as shown below:

Users testing this with MacOS clients, but issue will be visible with Windows too.

Users disable system extension1, made sure no firewall/IPS running but Auth window remains blank.




installed SEP 14.3RU6 #9070

MacOS 12.6

SAML authentication enabled on WSS tenant


SEP Application added as an Application bypass in WSS configuration, implying that the requests generated during the SAML authentication flow went direct to server and not via WSS tunnel.


Removed the following WSS Application bypass entry:

      "executablePath": "/Applications/Symantec Endpoint**",
      "codeSigner": "Developer ID Application: Broadcom Inc (Y2CCP3S9W7)"


Additional Information

Symdiag logs confirms why we are getting the blank login page … as the requests to are going out the public interface and not the tunnel interface.

This typically occurs when DNS requests cannot be intercepted by the agent (not the case), or when a bypass exists for the domains required for SAML (, which was the case above.