SAML001 — SAML099 — configuration errors on Selectel side |
---|
SAML001: saml_idp_is_not_configured | SAML-compliant IdP has not been configured on the Selectel side | Check the federation setting on the Selectel side |
---|
SAML002: saml_idp_certs_not_configured | The federation in Selectel does not have a certificate | For federation, add a certificate issued from a credential provider |
---|
SAML100 — SAML199 — SAML Response validation errors |
---|
SAML100: saml_response_invalid_request_id | Incorrect SAML request identifier. Possible causes:
- repeated authentication attempt within a single request (SAML Response);
- the time allotted for user authentication has expired — after going to the authentication page, it took 10 minutes or more for the user to enter credentials
| Go to the authentication page from the Selectel control panel and authorize again |
---|
SAML101: saml_response_invalid_destination | The Destination parameter in SAML Response is set incorrectly | Expose the correct URL for SAML Assertion Consumer Service on the credential provider side:
|
---|
SAML102: saml_response_invalid_in_response_to | SAML Response was created for an authentication request with a different identifier | Go to the authentication page from the Selectel control panel and authorize again |
---|
SAML103: saml_response_invalid_issuer | When creating a federation in Selectel, an incorrect value of the IdP Issuer field is specified | In the federation settings in Selectel, set the correct value in the IdP Issuer field |
---|
SAML104: saml_response_invalid_signature | The signature of the received SAML Response is set incorrectly. Possible causes:
- the credential provider returned an incorrect SAML Response. You can check if the SAML Response is correct using third-party utilities (e.g., Onelogin);
- an invalid certificate has been added to Selectel for the federation
| |
---|
SAML105: saml_response_subject_not_found | The Subject section is missing from the received SAML Response | Configure federation on the credential provider side so that the Subject section is enabled in SAML Response |
---|
SAML106: saml_response_name_id_not_found | NameID is not present in the received SAML Response | Configure federation on the credential provider side so that the SAML Response includes the NameID parameter:
|
---|
SAML107: saml_response_user_not_found | User does not exist in Selectel | Add a federated user. If a federated user is added, make sure that the value of the field ExternalID field of the created federated user matches the user ID on the credential provider side. |
---|
SAML108: saml_response_invalid_assertion_xml | The SAML Response format is incorrect. You can check SAML Response using third-party utilities (e.g. Onelogin) | |
---|
SAML109: saml_response_invalid_assertion | Incorrect SAML Response | Verify the federation configuration on the credential provider side. You can check SAML Response using third-party utilities (for example, Onelogin) |
---|
SAML200 — SAML299 — other errors |
---|
SAML200: saml_internal_error | Requires clarification | Create a ticket support |
---|
SAML201: saml_malformed_request | Incorrect request parameters from credential provider to Selectel after authentication on the provider side | Verify the federation configuration on the credential provider side |
---|