Troubleshooting

  • General SSO Failures: If during SSO an error message Signature validation failed appears in the Control Tower logs:

    Get the latest certificates provided by the IDP. Update the relevant details in the Cert parameter of the auth.yml file available in the <<AssistEdge Build Folder>>\scripts folder.
  • General SSO Failures: If during SSO an error message SAML token expired appears in the Control Tower logs. Increase the acceptedClockSkewMs parameter of the auth.yml file available in the <<AssistEdge Build Folder>>\scripts folder.
  • General SSO Failures: If user role is fetched from auth token and despite sending valid role in token, un-authorized user error appears on Control Tower. Verify if the role is correctly mapped to a valid role from product in auth.yml file available in the <<AssistEdge Build Folder>>\scripts folder.
  • SAML Logout:  If SAML logout is not working and a certificate error is thrown (based on IDP enforced policy). Provide certificate with the private key in privateCert parameter of auth.yml file (SAML section) available in the <<AssistEdge Build Folder>>\scripts folder.
  • Robot SSO Failures: If configured robot authentication fails always, verify if the below values are updated correctly in the RoboSe.exe.config file available in the Robot folder.
    <add key="UserNameElement" value="username"/>
    <add key="UserNameElementSelector" value="ID"/><!--ID,CSSselector,Classname,Name,TagName-->
    <add key="PasswordElement" value="password"/>
    <add key="PasswordElementSelector" value="ID"/><!--ID,CSSselector,Classname,Name,TagName-->
    <add key="SubmitButtonElement" value="kc-login"/>
    <add key="SubmitButtonElementSelector" value="ID"/>
     

  • Robot SSO Failures: If configured robot authentication fails always (or intermittently), try increasing the wait time.


    <add key="SSOLoginWaitTime" value="5000"/><!--Value in milliseconds--> 

  • Automation Studio and Engage SSO failures: If during authentication, instead of the IDP page a blank page appears or a popup regarding enable java script or any other similar popup appears and the authentication challenge is not shown to the user, please install Evergreen Webview2 Runtime from Webview2 - Microsoft Edge Developer as a possible fix.

  • AE server-side validation failures of User Credentials input on Control Tower:  If credentials entered by users on either of Robot Setup, Robot credential update or Credential Manager page fail authentication on server-side, verify the value for browserPath parameter is set to a valid browser path in the auth.yml file available in the <<AssistEdge Build Folder>>\scripts folder. Also validate that userid, password, login button, timeout, etc configurations are correct as per target page presented by IDP.