Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/06/2024 08:44 AM
We currently have Okta implemented for SSO and migrating to Entra. I created a new IdP provider for Entra and filled in all the required SP information from Saviynt into our Entra configurations. After the configuration, I also performed a manual application restart.
When performing an IdP initiated SSO request from Entra to Saviynt I am presented with below error:
Unable to Login to Saviynt.
"Please click here" to go to logout page and try again.
Checking the Saviynt logs:
2024-08-06T15:26:53.329398853Z stdout F Caused by: org.opensaml.saml2.metadata.provider.MetadataProviderException: No local entity found for alias SaviyntEntra, verify your configuration. |
2024-08-06T15:26:53.329584506Z stdout F 2024-08-06 15:26:53,329 [http-nio-8080-exec-60] DEBUG auth.LoginController - thresholdcount...0 |
2024-08-06T15:26:53.329824274Z stdout F 2024-08-06 15:26:53,329 [http-nio-8080-exec-60] DEBUG auth.LoginController - loginfailed : Sorry, we were not able to find a user with that username and password. |
2024-08-06T15:26:53.440945307Z stdout F 2024-08-06 15:26:53,440 [http-nio-8080-exec-59] DEBUG auth.LoginController - ****** loginfailed: |
What concerns me is "No local entity found for alias SaviyntEntra, verify your configuration." However, checking the currently configured IdP providers, you can see SaviyntEntra registered as a SP entity ID.
Any assistance with this will be appreciated.
08/06/2024 10:12 AM
The error you're encountering, "No local entity found for alias SaviyntEntra, verify your configuration", indicates that the Service Provider (SP) entity ID, SaviyntEntra, specified in your Entra (formerly Azure AD) configuration might not be correctly registered or matched in the Saviynt configuration.
Here are some steps you can follow to troubleshoot and resolve this issue:
Verify SP Entity ID in Saviynt Configuration:
Check SAML Metadata Configuration:
Validate the Alias Configuration:
Check for Case Sensitivity:
Review SAML Logs in Saviynt:
Restart Application Services:
Re-test SSO:
If all the above steps are correctly configured and the issue persists, you might need to contact Saviynt support for more in-depth troubleshooting, as there could be a deeper issue with how the SP alias is being recognized or registered.