When the Validation Results for the SAMLResponse Have Failed
When the validation results for the SAMLResponse have failed, try the following solutions based on the validation results:
When the current time falls within the period specified with the NotBefore and NotOnOrAfter attributes of the Conditions element
- Cause
- The system time for IdP and Kintone might be different.
- Solution
- Set the correct date and time on the IdP.
When the InResponseTo attribute of the SubjectConfirmationData element matches the AuthnRequest ID
- Cause
- A user might have tried to single sign-on from multiple tabs in one Web browser.
- Solution
- Close all other tabs when you log in to Kintone.
When the Audience element is correct
- Cause
- An invalid entity ID might have been set when you registered Kintone as an SP.
- Solution
- Specify "https://(subdomain_name).kintone.com" to the entity ID of the SP.
When at least one of the signatures in Assertion or Response elements exists and also all entered signatures are valid
- Cause
- The public key certificate might be invalid.
- Solution
- Attach a valid certificate to the "Certificate" section.