Why are users redirected to the logout URL when authenticating via SSO with SAML?

Return to top

6 Comments

  • Selim Yanat

    Hello,

    I'm facing a similar issue, when i configure Zendesk SSO with Auth0. Users that are created in Auth0 could not login in Zendesk, i'm always redirected to logout url.
    However, if a user is created in both places Auth0 and Zendesk the login through SSO is effective.
     
    Could it be that Zendesk is not able/configured to create user profiles dynamically, based on information in the SAML assertion ?? (I followed the recommendation in this zendesk article but did not work)

    Any help would be appreciated. Thanks

    0
  • Selim Yanat

    For the people that run into the same issue. Check in Customers settings that you don't have a "Allowlist" that accepts only users from the domains configured in that list.

    0
  • Moxie Pest Control LP

    Are there any other solutions to this? I am using Google as my IDp and Ive checked the SHA2 and the Customers settings. We can log in if the request is from Google but not directly from the url as we run into this error. 

    0
  • Tod Brown
    Hi,
     
    My name is Tod, and I am with the Zendesk Customer Advocacy Team.

    I see this ticket was opened, but that you'd actually had this issue resolved on another ticket, #9953237 with Oscar.

    As such, I am going to set this ticket to Solved.
     
    Best regards,

    Tod
    0
  • Lucas Bertoni

    Hello Tod Brown the ticket you linked does not exist anymore.

    Would you please share the actual solution here?

    We are having issues where just a specific user is not able to login, they are automatically redirected to the logout URL as soon as they try to login.

    Thanks

    0
  • Tod Brown

    Hi Lucas,

    My apologies for any confusion I may have caused here.

    Regarding that ticket, you would not have access to that ticket, due to not being the Requester. My apologies, as I had been replying to the requester of this post, via the ticket.

    However, the solution that was offered was to look at the ACS URL, to see if there is a / at the end of the address.

    If there is, remove that.

    If that isn't the case, I'd recommend submitting a ticket to Support regarding this matter.

    Best regards,

    Tod


    0

Please sign in to leave a comment.

Powered by Zendesk