FAQ content

Testing and troubleshooting an ADFS LibAuth configuration

In this article

Getting there

  1. From the LibApps Dashboard, go to Admin > LibAuth Authentication.
  2. Click on the Edit () icon in the Action column for the configuration you want to manage.

Editing a LibAuth configuration

Testing your configuration

After creating or modifying your LibAuth configuration, it's always a good idea to test it. This will confirm whether or not LibAuth can connect to your authentication system and that your system is returning the necessary attributes to LibAuth. The testing tool will provide debugging info that you can use to troubleshoot any issues.

  1. Save your configuration, then click on the Test button in the Test This Configuration box at the top of the page.

Screenshot of the Test button

  1. Enter your user credentials to log into your authentication system.

Example of logging into an authentication system

  1. You will then receive a summary of test results. This will indicate whether or not you are logged in, as well as debug info to help you troubleshoot any problems. For example, it will indicate any attributes that were not successfully released by your server or correctly mapped in your configuration.

Example of debugging information

What if I can't log in?

  • Double check that you entered your username and password correctly.
  • Confirm that your IT staff added Springshare as an authorized service provider using the correct Entity ID.
  • Confirm that you entered the correct URL to your SAML metadata XML file.
  • Work with your IT staff to confirm that your ADFS server has been correctly set up to work with LibAuth. For help, check out How do I setup ADFS to communicate with LibAuth?

LibAuth did not receive our attributes. How do I know if they were released?

When testing your configuration, the debug information contains a raw_response array. If the attributes are being released, they will be listed here. However, if the array contains no data (i.e. there's nothing between the curly braces), then the attributes are not being released. Contact your IT staff to ensure that the attributes are being released to LibAuth.

Example of a LibAuth response with no attributes

Our attributes were released, but LibAuth is not receiving the user data. What happened?

It's likely that the attributes were not mapped correctly in your LibAuth configuration. The debug information contains a raw_response array listing the name of the released attributes, along with their corresponding data. Check your LibAuth configuration's attribute settings to ensure that the values you entered in the First Name, Last Name, and Email fields match exactly what you see in the debug info. (The attribute names will all be displayed within brackets).

For ADFS, these attributes are usually formatted as URLs:

  • Emailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
  • Firstname:  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
  • Lastnamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

Example of debug info highlighting the released attribute names

What does an "InvalidNameIdPolicy" error mean?

This error can occur if your NameId is set to something other than "transient".

Please review our guide to adding claim rules for ADFS configurations.

Still need help? No worries! If you are having issues and the above troubleshooting steps haven't helped, contact Springy Support for further assistance. We are happy to work with you and your IT staff to resolve any issues. :)