The following issues may occur when using single sign-on (SSO) with SAML. Find below the error messages for each issue and their associate explanations and suggested solution. If the problem continues, contact our support team at firstname.lastname@example.org.
The Logged In User Is Not an Active Meisterplan User
Full Error Message: "The logged in user is not an active Meisterplan user. Please use a different account or contact your administrator."
Explanation: The user trying to log in has been authorized by the Identity Provider but is not an active Meisterplan user. You cannot add new Meisterplan users through SAML, Meisterplan users have to be added manually.
Solution: Add the user to Meisterplan. If the user is already set up in Meisterplan, ensure they are not deactivated and that the username in Meisterplan matches the username in the Identity Provider.
405 Method Not Allowed
Explanation: The SAML configuration is very likely invalid.
Solution: Compare the details entered in the SAML configuration closely with those provided by Meisterplan and the IDP, and ensure they are identical.
Parsing RelayState failed
Explanation: The Relay State in the Identity Provider configuration is not the same as the Relay State from Meisterplan.
Solution: Ensure that the Service Provider Relay State in the IDP configuration matches the Relay State provided by Meisterplan.
Invalid Assertion for SAML Response
Explanation: There is a problem with the SAML configuration in Meisterplan, likely a wrong setting.
Solution: Log in to Meisterplan using the recovery page and open the SAML configuration under Manage > Users > Configure. Compare the IdP configuration with the Meisterplan SAML configuration and ensure they are identical.