SSO errors typically occur when there is a mismatch between your organization's Identity Provider (IdP) and Unimarket (the Service Provider). Most issues can be resolved by verifying user attributes or checking account status within Unimarket.
Response Failures & Missing Data
Errors: "Authentication Service Response Failure", "Authentication Service Error", or "Missing Data".
Cause: The IdP is sending an incomplete or malformed SAML assertion. This often means mandatory attributes (like email or NameID) are missing or the user's local profile is corrupted.
Troubleshooting:
Browser Cleanup: Have the user clear cache/history or try an Incognito/Private window to rule out stale session cookies.
IT Review: Ask your IT team to verify the user's attributes in the IdP (Active Directory/Okta/Azure).
Support: If persists, provide Unimarket Support with the user's name and a precise timestamp to check the integration logs.
Provisioning & Identification Issues
Error: "Auto-Provisioning not enabled" or "We could not find an account with the username..."
Cause: Unimarket receives a valid login but cannot find a matching user record, and the system is not configured to create new users automatically.
Troubleshooting:
Username Match: Ensure the
NameIDsent by your IdP matches, the Username field in Unimarket exactly (case-sensitive).Manual Creation: If Auto-Provisioning is off, an administrator must manually create the user in Unimarket first.
Account Status Issues
Error: "Your account has been locked" or "The user account is disabled."
Cause: The user's Unimarket profile has been manually disabled or locked due to security overrides.
Troubleshooting:
Admin Check: Go to Administration > Users. Clear the "State" filter and search for the username.
Re-enable: If the state is Disabled, edit the profile to Enabled.
Lockout: If locked, verify the user hasn't been attempting to log in via the standard Unimarket login page instead of the SSO portal.
Troubleshooting Checklist for IT Admins
If a specific group of users is failing, check the following technical configurations:
SAML Certificate: Check if your IdP signing certificate has recently expired.
Clock Skew: Ensure your IdP server time is synchronized via NTP; a difference of more than a few minutes will cause the SAML assertion to be rejected.
Encryption: Verify if Unimarket expects an encrypted vs. unencrypted assertion.