SAML - Your account has not been configured to access this application.

Hi all,

My SAML module does not appear to be creating users. Once successfully authenticated with Office 365 – this message comes up.

I checked the documentation and it says:

“Your account hasn’t been configured to access this application.” – There is a user account available in the application that matches the identifying assertion, but the user does not have user roles or the user is not active.

And the logs concur:

08:01:35 APP INFO SAML_SSO: Failed: No user roles found for the provided user 'garion.swann@******.org.uk'
08:01:35 APP ERROR SAML_SSO: Unable to validate Response, see SAMLRequest overview for detailed response. Error: No user roles found for the provided user.
08:01:35 APP INFO SAML_SSO: Assertion attributes http://schemas.microsoft.com/identity/claims/displayname:Garion Swann
08:01:35 APP INFO http://schemas.microsoft.com/ws/2008/06/identity/claims/groups:[Ljava.lang.String;@1981aec1
08:01:35 APP INFO http://schemas.microsoft.com/ws/2008/06/identity/claims/wids:b79fbf4d-3ef9-4689-8143-76b194e85509
08:01:35 APP INFO http://schemas.microsoft.com/identity/claims/tenantid:ed4dd050-e39e-4e0e-a999-4097f9afb165
08:01:35 APP INFO http://schemas.microsoft.com/identity/claims/identityprovider:https://sts.windows.net/ed4dd050-e39e-4e0e-a999-4097f9afb165/
08:01:35 APP INFO http://schemas.microsoft.com/identity/claims/objectidentifier:75c78f39-2b2e-46a0-a390-8155f15fec4b
08:01:35 APP INFO http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name:Garion.Swann@******.org.uk
08:01:35 APP INFO http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname:Garion
08:01:35 APP INFO http://schemas.microsoft.com/claims/authnmethodsreferences:[Ljava.lang.String;@cc7abd2
08:01:35 APP INFO http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname:Swann

I’m not sure what to do though. The user roles are set up and we have production security set up. SAML has been configured to create users and set by default a normal “User” role, with custom user provisioning handling people with particular access.

Strangely, this was working on one environment but not another, and the reason was the working environment had accounts existing for the SSO users (as recently SSO has worked). As a test I deleted these two accounts and now both environments get the error.

I’ve rolled the app back but I get the issue on the previous version as well. I’ve also cleared the environments and set up SAML again and am still getting the issue. I’m at a loss; any help would be appreciated.
0 answers