If you are having issues with the IdP connection, verify the following:
- Verify that the Address Manager service provider settings and IdP metadata settings are accurate
- Verify that the BlueCat Gateway service provider settings and IdP metadata settings are accurate
- Confirm that port 443 has been opened on both Address Manager, BlueCat Gateway, and the IdP
- Verify that the IdP is functioning normally
- Verify logs/events on the IdP
If you are having issues with the OAuth connection, verify the following:
- Verify the SSO groups sent by the authorization server are the same as the SSO groups created in Address Manager
If you are having login issues when testing the SSO connection, verify the following:
- SSO groups exist in BAM
- SSO groups are mapped to the correct groups on the AD side
- Users exist in Active Directory
- Users have the correct attributes for required access in Address Manager
- Service Accounts for BlueCat Gateway have the correct attributes in Active Directory
- Service Accounts have been mapped to SSO Groups in Address Manager