Azure SSO - relogin error

Flaurian
Contributor

Hello,
We configured Azure SSO for jamf and basically, it works totally fine but if we try to login again we got the following message. We have this issue on two different devices. I don't know if its helpful or not but before we using Google SSO.

"Single Sign-On Error"
An error occurred while processing your Single Sign-On request. Contact your administrator for assistance.

If I cleaning my chrome cache, it works or using the incognito mode but this can't be the solution for it. Anyone an idea?

8 REPLIES 8

hdsreid
Contributor III

It has to do with the token expiration time. I ended up just switching SSO to our on prem AD lol

new version is supposed to have some kind of "new" azure sso functionality, not sure if this is what they fixed or if its a new feature. documentation makes it sound like they are introducing something i implemented over a year ago

mlandon
New Contributor

I am also having the same issue, we use Azure though. I can log in using an incognito tab or by logging out of all Microsoft services. Did you ever find a fix for the issue?

adambeveridge1
New Contributor II

I'm also have the same issue.

Flaurian
Contributor

Hey @adambeveridge1 & @mlandon just disable token expiration time. You'll find it in your Jamf Pro SSO configuration.

jlombardo
Contributor

I have the token expiration disabled and I still get that error.

It would also be ideal not to have to turn on that feature. I recently raised a ticket with Jamf and will see what becomes of it.

russeller
Contributor III

@jlombardo did you ever get an update from jamf support on your issue?

UPDATE: Incase someone else stumbles into this thread. I simply had to restart tomcat on my web apps in my clustered environment for the new SSO settings to take effect. Apparently the child web apps were caching the old settings.

B-35405
Contributor

nvm

ten35tech_tk
New Contributor

I am in the middle of my JumpStart, and the next time I tried to log into my Jamf Pro portal, I started getting Single Sign-On Errors. I can log in using the failover, but that can't be the solution. I tried signing in in a Chrome profile that is sined into the correct Microsoft account, but had never signed into Jamf before & that profile ALSO throws an error. I can log in (using SSO) using a profile that was never signed into either Microsoft OR Jamf, but that isn't a realistic option either.

Blowing out the Jamfcloud cookies didn't help; do I need to delete all the Microsoft cookies also? This isn't an auspicious start to our deployment.