Login Error as user not Mapped SSO (Single Sign On)
To solve the login error check the Federation ID listed in the Workfront account and use the audit logs as a troubleshooting tool.
Description description
Environment
Workfront
Issue/Symptoms
While trying to log in through Workfront using Single Sign-On (SSO), the page is redirected to the Workfront login page. On the web address bar of the login page, an error message stating “user not mapped” is seen.
Resolution resolution
-
Navigate to the specific user receiving this error in Workfront:
- Edit User.
- If there is no user account present, create a new user account.
-
Verify that the user has a Federation ID listed:
- Check for the Federation ID.
-
If the Federation ID is blank, follow these steps:.
- Enter the user’s Federation ID (case-sensitive) provided by your Identity Provider.
- Click Save.
- Note: The Federation ID is case-sensitive and must match exactly how it is sent to Workfront from your Identity Provider. If you’re unsure about the Federation ID or its case-sensitivity, consult your network or IT administrator.
- Additionally, check for any extra spaces before or after the Federation ID, as they can be the reason for this error.
- Enter the user’s Federation ID (case-sensitive) provided by your Identity Provider.
Optional steps: Audit logs
Use the Audit logs in Workfront as a troubleshooting tool to examine what your Identity Provider is passing over as the Federation ID (Name ID) during the failed login attempt.
-
Click on Setup
-
Go to System
>Audit logs -
Apply filters to display failed login attempts
- Filter down to failed log in attempts
- Click Apply.
- Filter down to failed log in attempts
-
The Federation ID (Name ID) passed from the Identity Provider to Workfront is displayed in the detail’s column for the recent failed login attempt.
- Ensure that this Federation ID shown in the detail’s column matches exactly (case-sensitive) with what is entered on Workfront as the Federation ID.