Windows Single Sign On

I logged in to my Identity Provider and it redirected to WordPress, but I’m not logged in. There was an error – “We could not sign you in.”.

1785 views July 19, 2019 4

To know what actually went wrong,

  1. Login to you WordPress administrator account. And go miniOrange Windows Authentication plugin’s Configure Service Provider tab.
  2. Click on Test Configuration. A popup window will open (make sure you popup enabled in your browser).
  3. Click on Login button. You will be redirected to your IdP for authentication.
  4. On successful authentication, You will be redirect back with the actual error message.
  5. Here are the some frequent errors:
    • INVALID_ISSUER: This means that you have NOT entered the correct Issuer or Entity ID value provided by your Identity Provider. You’ll see in the error message what was the expected value (that you have configured) and what actually found in the SAML Response.
    • INVALID_AUDIENCE: This means that you have NOT configured Audience URL in your Identity Provider correctly. It must be set to https://login.xecurify.com/moas/rest/saml/acs in your Identity Provider.
    • INVALID_DESTINATION: This means that you have NOT configured Destination URL in your Identity Provider correctly. It must be set to https://login.xecurify.com/moas/rest/saml/acs in your Identity Provider.
    • INVALID_SIGNATURE: This means that the certificate you provided did NOT match the certificate found in the SAML Response. Make sure you provide the same certificate that you downloaded from your IdP. If you have your IdP’s Metadata XML file then make sure you provide certificate enclosed in X509Certificate tag which has an attribute use=”signing”.
    • INVALID_CERTIFICATE: This means that the certificate you provided is NOT in proper format. Make sure you have copied the entire certificate provided by your IdP. If coiped from IdP’s Metadata XML file, make sure that you copied the entire value.

If you need help resolving the issue, please contact us using the support form and we will get back to you shortly.

Was this helpful?


Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com