Cloud Web Isolation generated error "Access denied" when SAML is configured for Management Users
Article ID: 374292
Updated On:
Products
Issue/Introduction
User cannot login to the Cloud Web Isolation Management Console using SAML. After successful authentication from IdP, user redirected to the Cloud Web isolation Login Page with "Access denied error":
Environment
SAML is configured for Management Users
Cause
Attribute values are case sensitive, it should match to relevant attribute in SAML response.
Resolution
- Login to the Cloud WI management Console with Administrator privileges.
- Navigate to Management -> Management Audit Log -> look for log entry with the description "User failed to login since no roles are assigned to it."
- Double click on the log entry and verify User ID under relevant field.
- Make sure affected user is added as a Member under relevant Management Role. To do it navigate to Cloud WI management Console -> Management -> Management Roles -> Click Update under relevant role. User ID is case sensitive.
Feedback
