About this document

This document describes SSO troubleshooting steps that can be applied to any SSO integration. If this document does not address your question and there is a product specific integration guide, please check the guide for any FAQ before raising a support request with SAFE.

Note: The following troubleshooting steps should be performed by a user with the Admin role

Troubleshooting Use Cases

The following SSO troubleshooting use cases are documented below:

• A Specific User Cannot Login

• All Users Cannot Login

A Specific User Cannot Login

In the scenario that one specific user cannot login, perform the following troubleshooting steps:

1. Confirm that the user is registered in the SAFE platform

• Go to Setting > User Management.

• Confirm that the user does not have an entry in the users table.

  • You can search for a user using the highlighted Search function.

• If the user is not registered, proceed to step 2

• If the user is registered, proceed to step 3

2. Confirm if the user has been invited to the SAFE platform

• Go to Setting > Invitations.

• Confirm that the user does not have an entry in the invitations table.

  • You can search for a user using the highlighted Search function.

• If the user has a status of “Pending” - ask the user to open the email invitation the received and click the link to accept the invitation.

  • If the user cannot find the invitation, click on the 3 horizontal dots next to their name and select “Resend”.

• If the user has a status of “Expired” click on the 3 horizontal dots next to their name and select “Resend”.

• If the user is not present in the invitations table or user table, invite them to the platform using the “Invite User” button.

3. Confirm that the user is logging in using the same email address as per their user account

• Check with the user that their email address matches the email address that is registered on the SAFE platform

• If the user is not using the registered email address, you can either

  • Request they use the right email address

  • Invite the new user using the “invite” option under Settings > Invitations

    • Note you may wish to delete the incorrect email address by going to Setting > User Management, and from the 3 horizontal dots next to their name choosing the “Delete” option

4. Confirm that the user is logging in using an email domain that matches the domain(s) configured for Single Sign On in SSO

• Take a record of the domain of the login email.

• Check with the team managing the SSO provider that this email address is configured for Single Sign On to SAFE.

5. Collect a HAR file and provide to SAFE for analysis

See the guide on how to collect a HAR file and submit the file to the SAFE Service Desk.

All Users Cannot Login

In the scenario that all users cannot login, perform the following troubleshooting steps:

1. Confirm that the SAFE Platform is available

• Navigate to your SAFE Platform url (https://<region>.safeone.ai) and confirm that a login page is presented.

• Check that you have not been notified of any maintenance or unplanned downtime

2. Confirm that the SSO Platform is available and no changes have been made recently

• Contact yourSSO platform team to ensure the SSO platform is working correctly

• Confirm that no changes relating to the SAFE Platform have been made recently.

3. Collect a HAR file and provide to SAFE for analysis

• See the guide on how to collect a HAR file and submit the file to the SAFE Service Desk.