Skip to main content

We are trying to setup SSO through Azure Entra. When the user click the new login button he’s promted to Azure for login details, so far so good. 

After a successfull login through Azure (which also is clear from the Azure logs) the user is however faced with:
 

 

In IFS the Login Event Details I find entries such as :
 

 

The IAM provider is setup with Syncmode Force. In Azure the following APIs are granted to the application:
 

 

There’s no IdP attribute mappers for this IdP. 

In Azure the users email and upn is the same as the directory_id in IFS.

What could possibly be incorrectly configured?

Hi

What about user account definition and its directory ID? Have You set IdP Attribute mappers correctly?

Hi Magnus,

Is this IFS Cloud? If it is an on-premise environment, I would recommend checking the IAM pod logs for further details.

kubectl logs deployment/ifsapp-iam -c ifsapp-iam -n <ifs namespace>

Best regards -- Ben

Hi,

It’s IFS Cloud, and the issue was unfortunatly that we had entered the wrong URL for user info. Now sorted and it works as expected.

KR,

/Magnus

Reply


Terms & ConditionsCookie settings