Solved

ifs cloud SSO azure authentication problem

  • 15 June 2022
  • 8 replies
  • 884 views

Userlevel 2
Badge +5

Hello all,

I have a proble when connecting to ifs cloud with sso auhentication.

The error message is 

“Oops! Something went wrong

Unexpected error when authenticating with identity provider”

 

But there is no detail telling me where the error comes from.

Any idea ?

 

Many thanks in advance.

regards

Vincent

 

icon

Best answer by VincentMetge 21 June 2022, 18:24

View original

8 replies

Userlevel 2
Badge +5

Hi @Novishan Dissanayake,

Thanks for your reply.

By any chance, do you know if IFS cloud can be connected to classic Active Diretory ? not an Azure one I mean.

My post about this topic is right here.

Thanks

Regards

Vincent

Userlevel 6
Badge +13

Hi @VincentMetge,

 

What actually the ‘Default IDP’ setting does is, it allows the user to use the default authentication provided by IFS which is openid-connect. If you disable the default IDP setting, it will disable the default authentication and will allow the user to use the external identity provider for the authentication.

 

Good to hear that the issue is now resolved :)

 

Cheers,
Novishan

Userlevel 2
Badge +5

Hi @Novishan Dissanayake,

 

Thanks for your quick help.

I granted FND_WEBENDUSER_MAIN. Then I disabled the IDP setting and when I tried to reconnect I had the error “Internal server error”, then I enabled again the IDP setting and tried to reconnect again and ot worked !!!!

I’m a bit confused if this IDP setting should enable at the end, by reading your message I understand it should be disabled but as it’s working now, it’s confusing….

 

Thank you very much for your help !!!

Best regards

Vincent

 

Hello @Novishan Dissanayake ,

 

In fact I just noticed the IDP setting disabled or enabled don’t make any change. If I close my browser and open it again and try to open a session, I get the error “internal server error”, but if I do a “new incognito window” it’s working fine with IDP setting disabled or enabled.

Thanks for your help.

Best regards

Vincent

 

Userlevel 2
Badge +5

Hi @Novishan Dissanayake,

 

Thanks for your quick help.

I granted FND_WEBENDUSER_MAIN. Then I disabled the IDP setting and when I tried to reconnect I had the error “Internal server error”, then I enabled again the IDP setting and tried to reconnect again and ot worked !!!!

I’m a bit confused if this IDP setting should enable at the end, by reading your message I understand it should be disabled but as it’s working now, it’s confusing….

 

Thank you very much for your help !!!

Best regards

Vincent

 

Userlevel 6
Badge +13

Hi @VincentMetge,

 

Thank you for the information.

First please login to the system as IFSADMIN or any other admin user that you use to configure the IDP.

Could  you please search for IAM User Details in the Aurena navigator and check whether you see a entry for that? There is a particular window named such whether it has some login details of the users who has access the application.

If you can go to that window, please delete your user entry that you used to access the system and go to the User window again and please disable the default IDP setting. 

For the permissions, please grant FND_WEBENDUSER_MAIN and give it another try.

 

 

Best Regards,

Novishan

Userlevel 2
Badge +5

Hello @Novishan Dissanayake,

 

I’m back to my previous configuration.


We created a new user and I used Microsoft Authenticator to do a double authentication as it required for the client i’m working with.
Now i don’t have the error “Oops! Something went wrong
Unexpected error when authenticating with identity provider” anymore but I have a new error below “Internal Server Error” but no additional details in web page.
What could be the cause of this error ?
I thought it was because my user did not have at least the permission set FND_CONNECT to enter to the application but I granted it but this error remains. 
 

 

Many thanks for your help.

Best regards

Vincent

 

 

 

Userlevel 2
Badge +5

Hi @VincentMetge,

Please check if you can see the window IAM User Details and if so, please delete the user entry of the user that you were trying to access, from there and try to give it another go and see.

Also, please let me know if you have used the openid-connect well known configuration v1.0 or 2.0?

 

Best Regards,

Novishan 

Hello @Novishan Dissanayake 
Thanks for your quick reply.

I created a new user with my email adress as direcory ID but I still have the same issue.

I tried both configuration V1.0 and V2.0.

Here is my configuration :

When you speak about IAM user details, do you speak abour directory ID configuration ?

 

Thanks for your help.

Best regards

Vincent

Userlevel 6
Badge +13

Hi @VincentMetge,

Please check if you can see the window IAM User Details and if so, please delete the user entry of the user that you were trying to access, from there and try to give it another go and see.

Also, please let me know if you have used the openid-connect well known configuration v1.0 or 2.0?

 

Best Regards,

Novishan 

Reply