This error can occur in the following scenarios:
- In an SP-initiated flow, if the Entity ID provided in the Service Provider Metadata tab of the plugin does not match any of the Entity IDs of the currently installed apps in the admin console.
- While configuring the app in IDP, if the user access is disabled.
- If you are logged in with non-GSuite or personal google account.
How to resolve the error?
- First try to perform the SSO in your incognito window, if the SSO is successfully performed then it implies that you are using incorrect google account to login.
- If this does not resolve your issue, make sure the WordPress SAML SSO Plugin is properly installed and configured before initiating the SSO request.
- Ensure that the SP entity ID provided in the Service Provider Metadata tab of the plugin matches with the Entity ID you specified during app creation in the GoogleApps.
- Go to admin.google.com and login with your G Suite administrator account.
- Navigate to the Apps tab in the left menu and click on Web and mobile apps.
- Navigate to your configured app in IDP.
- In the user access section, click on the Off for everyone option.
- Then select ON for everyone.
If the issue still persist then the probable issue might be due to the user assignment in the GoogleApps. Follow the below steps to resolve the issue:
If you are still facing the issue then you can contact us at firstname.lastname@example.org