Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1498

Provide meaningful error messages for SAML assertion errors

XMLWordPrintable

    • 12

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      At this moment, when the SSO login fails, Atlassian customers have to reach out to Cloud Support so they can verify the logs in the backend to identify what is causing the failure. 

      Suggestion

      The logs are available in Atlassian backend, it would be ideal to expose those logs to the customer, perhaps in the Organization Audit Logs

      For example, when the SAML certificate is incorrect, the following log is recorded in the backend: 

      message samlResponseError Most recent error
      Preparing Login Callback Error Certificate in SAML Response does not match the certificate in APS <timestamp>

      With this message available in the Audit Logs the customers themselves would have a good starting point to initiate their analysis.

      Best Scenario

      In the example above, the error was caused because the certificate had several occurrences of the control character \x0a, which requires a new line to be added to the certificate for each one of them. It would be excellent to have a mechanism to scan and spot that kind of specific issue and also display it in a more detailed error message. 

              d056dd6d7b90 Holly Makris (Inactive)
              bd4a89fcb3fe Renan Andrade (Inactive)
              Votes:
              4 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: