Error "Your Single Sign-On attempt failed" when logging into an organization with SAML authentication

Article ID: 370896

Products

VMware Cloud Director

Issue/Introduction

  • Unable to log in to an Organization with SAML authentication.

 Error: Your Single Sign-On attempt failed

  • In /opt/vmware/vcloud-director/logs/vcloud-container-debug.log, the following entries are seen:

 2004-06-07 07:00:32,468 | DEBUG  | pool-jatty-5867891  CustomWebSSOProfileConsumerImpl | validation of authentication statement in assertion failed, skipping requestid-700xxxx-xxxx-xxxx-xxxx-x251.

 Local entity is not the intended audience of the assertion in at least one AudienceRestriction

 

Environment

VMware Cloud Director for Service Provider 10.x

Cause

This issue can occur when there is a mismatch between the Entity ID in vCD and the audience in the SAML identity provider.

Resolution

  • Log in to the SAML identity provider.
  • Under DECODED, make a note of the saml:Audience ID.

  • Log in to the vCD tenant portal. From the top navigation bar, select Administration.
  • In the left panel, under Identity Providers, select SAML and check the Entity ID.
  • Make sure the Entity ID in vCD and the audience in the SAML identity provider match exactly (case sensitive) for successful authentication.
  • If there is any mismatch in the Entity ID, click Edit and update it accordingly from the vCD tenant portal.
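
The comparison described in the steps above can be scripted against a captured SAML response. This is an added example, not VMware code: it assumes the response is the base64 value of the SAMLResponse form field, and the function names, sample response and sp.example.com Entity ID are constructed for illustration. It applies the rule behind the log message: the Entity ID must appear, exactly, in every AudienceRestriction.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample response (not from a real IdP); signature and other fields omitted.
SAMPLE_B64 = base64.b64encode(b"""\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion><saml:Conditions>
    <saml:AudienceRestriction>
      <saml:Audience>https://sp.example.com/saml/Org1</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions></saml:Assertion>
</samlp:Response>""").decode()


def audience_restrictions(saml_response_b64):
    """Return one list of Audience values per AudienceRestriction element."""
    # Only parse responses captured from your own IdP; use a hardened XML
    # parser for untrusted input.
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    return [[a.text or "" for a in r.findall("saml:Audience", NS)]
            for r in root.iterfind(".//saml:AudienceRestriction", NS)]


def _loose(value):
    # Normalisation used only to explain a mismatch, never to accept one.
    return value.strip().rstrip("/").casefold()


def check_entity_id(saml_response_b64, entity_id):
    """Return (ok, problems). Every AudienceRestriction must contain entity_id exactly."""
    problems = []
    for i, audiences in enumerate(audience_restrictions(saml_response_b64), 1):
        if entity_id in audiences:  # exact, case-sensitive comparison
            continue
        near = [a for a in audiences if _loose(a) == _loose(entity_id)]
        hint = ("differs only by case, whitespace or trailing slash"
                if near else "no similar value")
        problems.append(f"AudienceRestriction {i}: {audiences} ({hint})")
    return (not problems, problems)


if __name__ == "__main__":
    for eid in ("https://sp.example.com/saml/Org1", "https://sp.example.com/saml/org1"):
        print(eid, check_entity_id(SAMPLE_B64, eid))
```

An empty problems list means the Entity ID matches every AudienceRestriction; a hint of "differs only by case, whitespace or trailing slash" points to the kind of mismatch this article describes.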