When the Validation Results for the SAMLResponse Have Failed

Article Number:020451
Intended audience: Kintone Users & System Administrators

When the validation results for the SAMLResponse have failed, try the following solutions based on the validation results:

When the current time falls within the period specified with the NotBefore and NotOnOrAfter attributes of the Conditions element

Cause
The system time for IdP and Kintone might be different.
Solution
Set the correct date and time on the IdP.

When the InResponseTo attribute of the SubjectConfirmationData element matches the AuthnRequest ID

Cause
A user might have tried to single sign-on from multiple tabs in one Web browser.
Solution
Close all other tabs when you log in to Kintone.

When the Audience element is correct

Cause
An invalid entity ID might have been set when you registered Kintone as an SP.
Solution
Specify "https://(subdomain_name).kintone.com" to the entity ID of the SP.

When at least one of the signatures in Assertion or Response elements exists and also all entered signatures are valid

Cause
The public key certificate might be invalid.
Solution
Attach a valid certificate to the "Certificate" section.