Skip to main content
NetApp Knowledge Base

SAML authentication fails due to incorrect assertion value

Views:
69
Visibility:
Public
Votes:
0
Category:
ontap-system-manager
Specialty:
om
Last Updated:
9/20/2024, 5:54:30 AM

Applies to

  • ONTAP 9.X
  • ONTAP System Manger
  • OKTA SAML

Issue

After configuring SAML with OKTA, the following error appears when attempting to access ONTAP System Manger.
 
Web UI error:
SAML Service Provider
Authorization Failed
Based on the information provided to this application about you, you are not authorized to access the resource at "/sysmgr/v4/"
 
mgwd.log error:

00000017.02198302 0201e5fa Tue Aug 06 2024 20:22:48+00:00 [kern_mgwd:info:3642] No profile exists for user 'app.userName', application'http', authmethod 'saml', vserver 4294967295

 
shibd.log:
00000017.021982f9 0201e5fa Tue Aug 06 2024 20:22:48+00:00 [kern_shibd:info:45559] INFO Shibboleth.SessionCache [1] [default]: newsession created: ID (_eb6282fc32562641e1da70efae175a0f) IdP (okta_server) Protocol(urn:oasis:names:tc:SAML:2.0:protocol)Address (okta_server_ip)
00000017.021982fa 0201e5fa Tue Aug 06 2024 20:22:48 +00:00[kern_shibd:info:45559] INFO Shibboleth-TRANSACTION [1] [default]: New session(ID: _eb6282fc32562641e1da70efae175a0f) with (applicationId: default) forprincipal from (IdP:
okta_server) at (ClientAddress: okta_server_ip) with (NameIdentifier:domain_userusing (Protocol:urn:oasis:names:tc:SAML:2.0:protocol) from (AssertionID:id25716852261066792083764217)
00000017.021982fb 0201e5fa Tue Aug 06 2024 20:22:48 +00:00[kern_shibd:info:45559] INFO Shibboleth-TRANSACTION [1] [default]: Cached thefollowing attributes with session (ID: _eb6282fc32562641e1da70efae175a0f) for(applicationId: default) {
00000017.021982fc 0201e5fa Tue Aug 06 2024 20:22:48 +00:00[kern_shibd:info:45559] INFO Shibboleth-TRANSACTION [1] [default]: ^Iuid (1values)

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.