Troubleshooting SSO configuration issues

This article is for IT Contacts or staff setting up SSO in Pulse.

Single Sign-On (SSO) lets users sign in securely without remembering their Pulse username and password. Instead, they can sign in to Pulse using their school credentials, like those they would use when signing in to Google or Microsoft accounts. See Setting up SSO in Pulse for detailed instructions.

Tips

To avoid configuration errors, make sure to:

  • Follow the steps in Part 2: Set up SSO of the SSO configuration guide.
  • Follow the instructions outlined in the downloadable configuration guide for your SSO identity provider (see Step 4 of Part 2: Set up SSO. These instructions are specific to your SSO provider (e.g. Google Workspace or Microsoft Entra).
  • Ensure your SSO Provider information is entered correctly into Pulse. This includes the SAML metadata file and the email address attribute name (see step 5 of Part 2: Set up SSO).

Troubleshooting ‘No email claim present in response from IdP’ error

01_no email claim present.png

Image 1: “No email claim present in response from IdP” error.

This error occurs when the Identity Provider’s email attribute is incorrectly mapped in your SSO provider (for example Google, Microsoft).

To fix this issue, make sure the email used in your SSO Identity Provider is correct and matches the NameID element of the SAML metadata file. Then, follow the steps in the downloadable guide for your Identity Provider to ensure all required details are entered correctly.

Troubleshooting platform-specific errors

The following are some platform-specific errors for Google.

Google: “malformed_certificate” error

02_malformed certficiate.png

Image 2: "malformed_certificate" error

The malformed_certificate error occurs when the SAML metadata.xml given to Pulse differs from the certificate that Google has on record for you. It can also mean the certificate is corrupted or missing.
To fix this issue, generate a new certificate for Pulse in the Google Workspace Admin Console. Export the new metadata.xml file. Contact Linewize Support for further instructions.

We’ve included the steps for generating new certificates in the downloadable SSO configuration guide for Google (step 4 of Part 2: Set up SSO).

Google: “app_not_enabled” error

03_app not enabled.png

Image 3: “app_not_enabled_for_user” error

An app_not_enabled error happens when you don’t have the correct permission (for example, an IT Administrator or IT Contact) to access Pulse SSO configuration in Google Workspace. Sign in to Google Workspace Admin Console and:

  • Check that you have the correct permissions to configure SSO in Pulse.
  • Ensure your permissions configured in Google match those provided in the SAML metadata. The steps to configure these permissions are outlined in the SSO downloadable guide. See Step 4 of Part 2: Configure Single Sign-On (SSO).
  • Ensure the app ID is correct.

Check Google’s troubleshooting steps for SAML app error messages for more information.

Microsoft: “AADSTS50105” error

04_entraerror.png

Image 4: "AADSTS50105" error

Error AADSTS50105 occurs when the user setting up SSO in Pulse doesn’t have matching permissions between Pulse and Microsoft Entra or Active Directory. Ensure you have Administrator permissions for both systems.

Refer to Error AADSTS50105 - The signed in user is not assigned to a role for the application (Azure | Microsoft Learn) and Quickstart: Create and assign a user account for instructions.

How will I know if my SSO provisioning is successful?

Pulse will send you an email containing the SSO activation link once provisioning is complete (this can take up to 30 minutes). Open the link and follow the instructions on the SSO activation screen. See Part 3: Activate SSO for the steps.

 

What to do next

If you have followed the steps above and still encounter issues, contact Linewize Support and provide the details of your issues, including:

  • the SSO configuration stage where you encountered the issue
  • screenshot of the issue or error message
Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.