Single Sign-On (SSO) and OAuth Troubleshooting - Platform - BlueCat Gateway - 24.1

Gateway Administration Guide

Locale
English
Product name
BlueCat Gateway
Version
24.1
If you are having issues with the IdP connection, check the following:
  • Verify that the Address Manager service provider settings and IdP metadata settings are accurate
  • Verify that the BlueCat Gateway service provider settings and IdP metadata settings are accurate
  • Confirm that port 443 has been opened on both Address Manager, BlueCat Gateway, and the IdP
  • Verify that the IdP is functioning normally
  • Verify logs/events on the IdP
If you are having issues with the OAuth connection, check the following:
  • Verify the SSO groups sent by the authorization server are the same as the SSO groups created in Address Manager
If you are having login issues when testing the SSO connection, check the following:
  • Verify that SSO groups exist in BlueCat Address Manager
  • Verify that the SSO groups are mapped to the correct groups on the Active Directory side
  • Verify that users exist in Active Directory
  • Verify that users have the correct attributes for required access in Address Manager
  • Verify that Service Accounts for BlueCat Gateway have the correct attributes in Active Directory
  • Verify that Service Accounts have been mapped to SSO Groups in Address Manager
  • Verify that the scope and resources in Gateway's OAuth configuration matcheds that of Address Manager's OAuth configuration