KB-1628 "Untrusted site, unable to login" error when loading a SAML login page on Android

Symptoms

When attempting to use the Appian for Android application to log into an Appian environment using SAML authentication, the message "Untrusted site, unable to login" appears:

Cause

This message indicates that the Identity Provider's log-in page is either using a self-signed SSL certificate, which is by default not trusted by the Android application, or not presenting the full SSL certificate chain.

Note that the SSL certificate used by the Identity Provider is not the same certificate as the Service Provider signing certificate uploaded into the Admin Console. Environments utilizing SAML for authentication with a self-signed Service Provider signing certificate can be accessed using the Appian for Android application.

Action

The Identity Provider needs to be updated to utilize an SSL certificate signed by a trusted Certificate Authority, and configured to present the full certificate chain. This is encryption best practice and recommended particularly for Identity Providers used in production Appian environments.

Workaround

While Appian highly recommends using a trusted SSL certificate for SAML Identity Providers, if this is not an option or the certificate generation takes a long time, users can utilize mobile browsers such as Google Chrome to access the environment instead. However, users may encounter a message similar to the following, which they will need to manually bypass:

Affected Versions

This article applies to all versions of the Appian for Android mobile application.

Last reviewed: August 2018

Related
Recommended