You are currently reviewing an older revision of this page.

DRAFT SP-6735 How to Report Generic SAML Errors in tomcat-stdOut.log file

Symptom

The following is observed in the application server log for Appian sites with SAML authentication configured:

[ajp-nio-0.0.0.0-8009-exec-3] ERROR com.appiancorp.security.auth.saml.redirecter.SamlAuthProviderQueryStringGenerator - Could not find IdP entity Id: Idp Entity Id not stored on session or request

Cause

A SAML user failed to log in to Appian. This can be due to a variety of reasons, including incorrect credentials or an issue with the SAML configuration.

Action

Check whether SAML users are having issues logging in to Appian despite using correct credentials. If not, the error can be safely ignored as it likely means that some users had failed login attempts but were ultimately able to log in. If so, please review KB-1450 for troubleshooting steps to take. If this does not resolve the issue, open a case with Appian Technical Support and include the following:

  • When the issue started occurring, and if any SAML configuration changes were made recently on the Appian or IdP side.
  • A timestamp (with time zone) of a failed login attempt and the application server log containing this timestamp.
  • A screenshot of the frontend error.
  • The scope of impact (e.g. all SAML users or only a subset).
    • Note: details of each login attempt are recorded in login-audit.csv. More information about this log can be found here.
  • SAML trace for a failed login attempt.

Affected Versions

This article applies to all versions of Appian using SAML authentication.

Last Reviewed: September 2021