Configuring Single Sign-On (SSO) can be a complex process with multiple points of failure. Uptime.com provides an error page as well as specific error message when an SSO login attempt fails.
This article will cover some common errors, as well as troubleshooting steps based on the errors you may encounter. When in doubt, double check that the fields in the Uptime.com SAML SSO settings page are correct and match with the appropriate fields in the IdP.
- General Errors
- SAML Assertion Errors
- SSO Login Failures
- Final Thoughts
This error means that the Uptime.com SAML SSO settings page and form weren’t properly submitted or saved.
Please complete the full setup process and try again.
This error means that there’s an issue with the IdP’s Certificate, and the SAML response couldn’t be verified.
Please double check with your IdP application that the correct Certificate is provided in the SAML SSO settings page.
This error means that the IdP-sided configuration for the SAML assertion wasn’t signed with the IdP’s certificate. It is possible the whole SAML response was signed (optional), but this is insufficient; we require the assertion itself to be signed as well.
Please check your IdP’s configuration properly signs it’s SAML assertions with its certificate.
This error usually means that there’s a typo in the username (as entered in the Uptime.com login portal, or as configured on the IdP-side), or that the connection hasn’t been properly initialized via the WAYFless URL “handshake”.
For more information on this initialization process, see our main support article on Configuring SSO for Uptime.com.
Problems with the SAML Assertion are very common. Double check that the IdP configuration includes the required SAML Assertions, as described in the Configuring SSO for Uptime.com article.
Click here for a live example of a working SAML response.
This error means that the SAML assertion metadata entry for
Issuer couldn’t be verified.
Double check that the
Issuer attribute exactly matches the “Identity Provider’s EntityID / Issuer” field in the SAML SSO settings page.
This error usually means that the Uptime.com-sided
EntityID / Audience URI or
ACS URLs aren’t configured correctly in your IdP.
Please double check that the URLs from the SAML SSO settings page match the corresponding fields in the IdP application.
This error means that the SAML response provided by the IdP was missing the
Subject NameID clause, which is one of the four required SAML assertions. Alternatively, the
Subject NameID attribute is missing the required
Here is an example of a SAML response snippet that provides
<saml:Assertion ...> <saml:Issuer>http://idp.example.com/metadata.php</saml:Issuer> <saml:Subject> <saml:NameID SPNameQualifier="http://sp.example.com/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"> firstname.lastname@example.org </saml:NameID> <saml:SubjectConfirmation ...> ... </saml:SubjectConfirmation> </saml:Subject> </saml:Assertion>
Please confirm that the
NameID attribute in the IdP is set to a unique user identifier.
This error means that the SAML response provided by the IdP was missing the required Email (or equivalent) attribute, which should be defined as the user’s email address for the Uptime.com account.
Please confirm that the
This error usually means that the SAML response provided by the IdP was missing the required FirstName (or equivalent) attribute, which should match the user’s “First Name” field in both the IdP and their Uptime.com user account.
Please confirm that the
FirstName attribute is properly configured in the IdP.
This error means that the IdP refused the login request sent by Uptime.com, and that some configuration or setting on the IdP is blocking the login attempt.
Microsoft describes the error as "The request could not be performed due to an error on the part of the SAML responder or SAML authority."
Please review your IdP configuration for any settings that might be blocking the Uptime.com login request.
This error means that the IdP refused the login request sent by Uptime.com for the specific reason of an invalid NameID policy. This is a common Azure AD-sided error, where the claims haven’t been correctly configured.
Please confirm that the claims are configured correctly, using the Azure Active Directory section of the main setup support article. If needed, please collect all technical details from your IdP and include them in a ticket to email@example.com for further assistance.
The most common causes of SSO errors are misconfigured SAML assertions or other IdP-sided settings which block required functionality for Uptime.com and the IdP to validate the login attempt. Double check that the assertions, fields, and settings are configured correctly, as shown in our support article Configuring SSO for Uptime.com.
If you’re still stuck, collect any technical data or screenshots from your IdP configuration and email firstname.lastname@example.org for assistance.