This is a public Forum  publicRSS

Topic

    Duncan Taylor
    Browser UI Agent SSO not logging in
    Topic posted September 12, 2018 by Duncan TaylorSpecialist 
    42 Views, 3 Comments
    Title:
    Browser UI Agent SSO not logging in
    Content:

    I've gotten SSO working to download and log in the agent through the .NET client but when i have relay state set to agentweb, it will redirect to the agentweb login screen but won't log the agent in. We're using ADFS as our IDP. What am I missing...?

    Version:
    18C

    Answer

     

    • Robert Surujbhan

      Do you have the "Account Authentication" box checked in the Agent Browser User Interface section under Permissions > Administration for the Profile these agents are assigned to?

    • Duncan Taylor

      Yes

    • Robert Surujbhan

      Some questions...

      1. For the RelayState parameter value, are you using the the full AgentWeb address, with or without the trailing slash? (e.g. https://site/AgentWeb/)
      2. The AgentWeb address being passed in RelayState - is it on the same interface as what you configured as the "Assertion Consumer URL" in AD FS? (e.g. https://site/cgi-bin/interface.cfg/php/sso/saml2/sp/post/acs.php)
      3. What version of AD FS? 4.0, 3.0, 2.1, 2.0 (with any Update Rollups applied), etc.?
      4. Are you using SP-initiated or IdP-initiated SSO?  If IdP-initiated, are agents using the standard Microsoft IdP sign-in page @ https://adfsServer/adfs/ls/idpinitiatedsignon.aspx?