Troubleshooting

This section provides troubleshooting strategies and the solutions for common errors.

Authentication failure - Unexpected error

Possible causes

In SAS, with external IDP redirection functionality, if authentication is invalidated and error message is displayed. This is probably because no mapper is added on external IDP or the mapper value is incorrect.

Solution

In IDP redirection, after authentication on external IDP, the control redirects to SAS IDP, then claim verification happens.

For claim validation, you need to add mapper on external IDP client. the mapper addition process is unique for every IDP.

To add a new mapper in SafeNet Access Exchange server, go to Client > Client ID > Mappers.

Authentication failure - Unable to Verify account

Possible causes

After new installation of SAS, there can be a time out issue during initial call to SAS API for user validation, which might gives error message in SafeNet Access Exchangek logs with "SAS API is down".

Solution

The issue is related to timeout. Browse the SAS API url. For example: http(s):<sas-server-ip>:<port>/SAS

While validating the application for the first time through SafeNet Access Exchange, time is consumed to send response and in that period SafeNet Access Exchange gets time out.

Therefore, it is observed once the SAS API url is browsed, the validation starts passing.