Cannot request SAML Assertion for SBAF Authorize Click since user is not valid for SBAF

Question

When user logs in using SAML, they face 403 access denied error. We checked the users ID and they have the required access levels. When checked on tomcat-stdout logs we see the following issue 'Cannot request SAML Assertion for SBAF Authorize Click since user is not valid for SBAF' . Any leads on this?

Shubham Aware · Answer

Is this user logging in for the first time, or did it work before and suddenly broke? Still you can check few basic things :- Check user is active and should be part of SAML Users/authentication group. Verify the IdP is sending the exact Appian username, with correct case. If group sync enabled, confirm user is in auth group prior to SAML login, as sync happens post-auth. FYI - https://community.appian.com/support/w/kb/370/kb-1153-saml-authentication-faq