SAML Authentication Error Code Explanation

Problem

You are trying to login to Desktop Central through SAML Authentication and you are unable to do so.

Cause

There may be multiple reasons pertaining to this problem. Corresponding to the error code, find the resolution as given below.

Resolution Table

You are required to identify the cause for your problem from the table with the help of Error Code and follow the corresponding resolution.

 

 

Error Code  Reason  Resolution
 2 There may be some parameters missing, such as, SP Entity ID, ACS URL, Certificate,etc., while configuring SAML Authentication settings in either Service Provider or Identity Provider. Reconfigure IdP settings in SAML Configuration page of Desktop Central. Restart Desktop Central
 8 SAML response is not received from IdP.  Desktop Central supports only POST Binding method. Ensure that the IdP follows POST Binding method.
 13 Invalid response format. The SAML response received from IDP is not in the expected format Configure the SAML Authentication settings in IdP
 16 Unsupported SAML version DC only supports SAML 2.0. Ensure that the IdP supports SAML 2.0 standard.
 17 The ID is missing. An ID should be present in the SAML response from IdP to uniquely identify the response. If the ID is missing, then Desktop Central will not process the request further. Contact the IdP and reconfigure the SAML Authentication Settings in IdP.
 18,19 The Status Code element in SAML Response from the IdP is missing. So, Desktop Central will not process the request further Contact the IdP and reconfigure the SAML Authentication Settings in IdP.
 20 The Status Value in the SAML Response is empty. Desktop Central will not process the request further Contact the IdP and reconfigure the SAML Authentication Settings in IdP.
 21 The response from the IdP is incorrect. Check the event log in IdP for the root cause. Mostly, reconfiguring IdP and SP should resolve the issue.
 22 The SP's request is incorrect. There may be a problem in the Service Provider while requesting the IdP. Reconfigure IdP details in Service Provider and try again.
 23 Unable to process the Status Code received. There may be multiple reasons for this issue- Authentication failure in IdP or Time mismatch between IdP Server and SP Server. Mostly, Reconfigure the IdP and SP details in both IdP and SP should solve the issue.
 24 Response/Assertion is not signed as expected by DC Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 25 Signed Element did not contain an ID. Therefore, Desktop Central rejected the SAML Response. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 26 There are Duplicated ID in the Signed Element. So, Desktop Central rejected the SAML response. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 27 The Signed Element is invalid Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 28 There is Duplicated Reference in Signed Elements. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 29 There are unexpected Signed Elements present in the SAML Response. Therefore, Desktop Central will not process the request further. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 30 There is Unexpected Reference present in the SAML Response. So, Desktop Central was unable to process further. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 31 There are wrong number of signatures present in the SAML Response. So, Desktop Central was unable to process further. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 32 There are wrong number of signatures present in the SAML Assertion. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 35 There was no signature in the SAML Response Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 36 The Signature present in the SAML Response is invalid. This arises due to misconfiguration between SP and IdP. Reconfigure SAML Authentication settings in both SP and IdP.
 37 Duplicated Attribute Name was found. So, Desktop Central was unable to process further. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 38 There was no Name ID present in the SAML Response. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 39 The Name ID was empty in the SAML Response. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
 40 There was Name Mismatch in SP Name Qualifier. So, Desktop Central was unable to process the request further. Reconfigure SAML Authentication settings in both SP and IdP.
 41 The Session expired. Refresh and login again.
 42 The Destination given in the SAML Response is wrong, because the SP's ACS URL might have changed. Reconfigure the SAML Authentication settings in IdP and try again
 43 The Destination given in the SAML Response is empty, because the SP's ACS URL might have changed. Reconfigure the SAML Authentication settings in IdP and try again
44 The Issuer Name is incorrect or missing in SAML Response. Check with IdP vendor and reconfigure SAML Authentication settings in IdP.
46 The SAML Response is created with the Response Construction time. The SAML Response has an expiry time. If the IdP and Desktop Central are present in different time zones, there may be a time mimatch. This marks the Assertion made by the IdP to be too early. Time mismatch between IdP and Desktop Central. Adjust the time and try again
47 Since, the Assertion has an expiry time, the SAML Response may be expired when it reaches the SP. This usually happens if there is a time mismatch between IdP and SP. Time mismatch between IdP and Desktop Central. Adjust the time and try again
50 The ID sent by the IdP may not be taken up by the SP due to browser cache. Clear the browser cache and try again


 

Applies to: SAML Authentication, SSO, Error codes, Identity Provider, Service Provider

Keywords: SAML Authentication, Error codes, Identity Provider, Service Provider