SSO errors typically occur when there is a mismatch between your organization's Identity Provider (IdP) and Unimarket (the Service Provider). Most issues can be resolved by verifying user attributes or checking account status within Unimarket.
The Authentication Service configured for your Community did not authenticate you
Example of Exact Error:
Single Sign-On request to Unimarket failed.
The Authentication Service configured for your Community did not authenticate you or did not return a valid response. Please try again or contact your administrator.
Cause:
The IdP is sending an incomplete or malformed SAML assertion. This often means mandatory attributes (like email or NameID) are missing or the user's local profile is corrupted.
| Note: This is usually not an issue on the Unimarket side; unless a new development has rolled out. |
Troubleshooting Steps:
Browser Cleanup: Have the user clear cache/history or try an Incognito/Private window to rule out stale session cookies.
IT Review: Ask your IT team to verify the user's attributes in the IdP (Active Directory/Okta/Azure).
Unimarket Support: If persists, provide Unimarket Support with the user's name and a precise timestamp to check the integration logs.
Auto-Provisioning not enabled
Sample of Exact Error:
Single Sign-On request to Unimarket failed.
Auto-Provisioning not enabled
Cause:
Unimarket receives a valid login but cannot find a matching user record, and the system is not configured to create new users automatically.
Troubleshooting Steps:
- Check inside Unimarket to confirm if the user login has been created.
- If user login credentials has been created, compare the SSO username and the Unimarket username. To ensure the usernames are exactly the same.
- If the username is not the same, make updates.
- If the username is the same, please reach out to the Unimarket Support team with the following information:
-
- The SSO username
- The Unimarket username and
- Date and time stamp when user last attempted login
-
Your account has been locked
Sample of Exact Error:
Your account has been locked. Contact your support person to unlock it, then try again.
Cause:
The user's Unimarket profile has been locked due to security overrides.
Troubleshooting Steps:
Admin Check: Go to the Administration module > Users > Clear the State filter > select Apply Filter.
Re-enable: If the state is Disabled, edit the profile to Enabled. Once completed, ask the user to attempt logging into Unimarket.
Lockout: If locked, verify the user hasn't been attempting to log in via the standard Unimarket login page; instead of the SSO portal.
If the above does not resolve the matter, reach out to your IT team to check SAML setup for the user. To determine if the user is logging into Unimarket via Single Sign On.
The user account is disabled. Please contact your Administrator
Sample of Exact Error:
Single Sign-On request to Unimarket failed
The user account is disabled. Please contact your Administrator
Cause:
The user's Unimarket profile has been manually disabled.
Troubleshooting Steps:
Admin Check: Go to the Administration module > Users > Clear the State filter > select Apply Filter.
Re-enable: If the state is Disabled, edit the profile to Enabled. Once completed, ask the user to attempt logging into Unimarket.
If the user login is in an enabled state, please reach out to the Unimarket Support team with the following information:
- The user's first and last name and
- Date and time stamp when the error occurred
Authentication Service Error
Sample of Exact Error:
Single Sign-On request to Unimarket failed
Authentication Service Error
Cause:
The IdP is sending an incomplete or malformed SAML assertion. This often means mandatory attributes (like email or NameID) are missing or the user's local profile is corrupted.
Troubleshooting Steps:
Browser Cleanup: Have the user clear cache/history or try an Incognito/Private window to rule out stale session cookies.
IT Review: Ask your IT team to verify the user's attributes in the IdP (Active Directory/Okta/Azure).
Unimarket Support: If persists, provide Unimarket Support with the user's name and a precise timestamp to check the integration logs.
Missing data
Sample of Exact Error:
Single Sign-On request to Unimarket failed
Missing data
Cause:
The IdP is sending an incomplete or malformed SAML assertion. This often means mandatory attributes (like email or NameID) are missing or the user's local profile is corrupted.
Troubleshooting Steps:
Browser Cleanup: Have the user clear cache/history or try an Incognito/Private window to rule out stale session cookies.
IT Review: Ask your IT team to verify the user's attributes in the IdP (Active Directory/Okta/Azure).
Unimarket Support: If persists, provide Unimarket Support with the user's name and a precise timestamp to check the integration logs.
Troubleshooting Checklist for IT Admins
If a specific group of users is failing, check the following technical configurations:
- SAML Certificate: Check if your IdP signing certificate has recently expired.
- Clock Skew: Ensure your IdP server time is synchronized via NTP; a difference of more than a few minutes will cause the SAML assertion to be rejected.
- Encryption: Verify if Unimarket expects an encrypted vs. unencrypted assertion.