https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/539609#M4207 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/286332">@AmitYadav_Geo</a>,</P> <P>&nbsp;</P> <P>Thanks for reaching out through LIVEcommunity!</P> <P>&nbsp;</P> <P>The error you've provided "<SPAN>Unauthorized.Error 4014" is indicative of a configuration error in the mapping.&nbsp; Please see below for example schemas and ensure that yours match.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Email: </SPAN><A href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</A></P> <P><SPAN>Group Membership: </SPAN><A href="http://schemas.microsoft.com/ws/2008/06/identity/claims/groups" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.microsoft.com/ws/2008/06/identity/claims/groups</A></P> <P><SPAN>First Name: </SPAN><A href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</A></P> <P><SPAN>Last Name: </SPAN><A href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</A></P> <P>&nbsp;</P> <P>I'll also add that if this is a critical issue please create case with our <A href="http://pport.paloaltonetworks.com/Support/Index" target="_self">support engineers</A>.&nbsp; They'll be able to provide you guidance as you work through this issue.</P> <P>&nbsp;</P> <P>I hope this information helps and have a great day!</P> Thu, 20 Apr 2023 19:37:12 GMT anlynch 2023-04-20T19:37:12Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/539555#M4206 <P>Hi All,</P> <P>&nbsp;</P> <P>We have setup SAML SSO but receiving an 'Unauthorized.Error 4014' error.</P> <P>&nbsp;</P> <P>The following configuration was made:</P> <P>&nbsp;</P> <P>IDP provider:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_0-1682001187543.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49648iF169F56A08E64830/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_0-1682001187543.png" alt="AmitYadav_Geo_0-1682001187543.png" /></span></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_1-1682001241414.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49649i24549B5BE0E90C7F/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_1-1682001241414.png" alt="AmitYadav_Geo_1-1682001241414.png" /></span></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_2-1682001312604.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49650i8D670C9134275A23/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_2-1682001312604.png" alt="AmitYadav_Geo_2-1682001312604.png" /></span></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_3-1682001356133.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49651iABDA6520CBC9B8F7/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_3-1682001356133.png" alt="AmitYadav_Geo_3-1682001356133.png" /></span></P> <P>Cortex XDR SSO configuration:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_4-1682002861683.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49652i2511E09DCF5C19CA/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_4-1682002861683.png" alt="AmitYadav_Geo_4-1682002861683.png" /></span></P> <P>&nbsp;</P> <P>Unfortunately we receive the below error:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_5-1682002962062.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49653i1CB517985BCFB9E7/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_5-1682002962062.png" alt="AmitYadav_Geo_5-1682002962062.png" /></span></P> <P>Would anyone know whats occuring here please.</P> <P>Many thanks</P> <P>Amit</P> <P>&nbsp;</P> <P>&nbsp;</P> Thu, 20 Apr 2023 15:04:52 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/539555#M4206 AmitYadav_Geo 2023-04-20T15:04:52Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/539609#M4207 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/286332">@AmitYadav_Geo</a>,</P> <P>&nbsp;</P> <P>Thanks for reaching out through LIVEcommunity!</P> <P>&nbsp;</P> <P>The error you've provided "<SPAN>Unauthorized.Error 4014" is indicative of a configuration error in the mapping.&nbsp; Please see below for example schemas and ensure that yours match.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Email: </SPAN><A href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</A></P> <P><SPAN>Group Membership: </SPAN><A href="http://schemas.microsoft.com/ws/2008/06/identity/claims/groups" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.microsoft.com/ws/2008/06/identity/claims/groups</A></P> <P><SPAN>First Name: </SPAN><A href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname</A></P> <P><SPAN>Last Name: </SPAN><A href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" target="_blank" rel="noopener" data-aura-rendered-by="1200:5653;a">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname</A></P> <P>&nbsp;</P> <P>I'll also add that if this is a critical issue please create case with our <A href="http://pport.paloaltonetworks.com/Support/Index" target="_self">support engineers</A>.&nbsp; They'll be able to provide you guidance as you work through this issue.</P> <P>&nbsp;</P> <P>I hope this information helps and have a great day!</P> Thu, 20 Apr 2023 19:37:12 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/539609#M4207 anlynch 2023-04-20T19:37:12Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/540065#M4225 <P>Hi Anlynch,</P> <P>The links you posted are broken:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_0-1682429855931.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49777i9934C317F5625422/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_0-1682429855931.png" alt="AmitYadav_Geo_0-1682429855931.png" /></span></P> <P>Also in the guidance of Cortex XDR support engineer, I have set the attributes to his advice:</P> <P>&nbsp;</P> <P><SPAN>"Please bear in mind that in SSO Mapping you need to use the following values:"</SPAN></P> <P>&nbsp;</P> <P><SPAN>email=email</SPAN><BR /><SPAN>firstname=firstName</SPAN><BR /><SPAN>group_name: groupName</SPAN><BR /><SPAN>lastname = lastName</SPAN></P> <P><SPAN>Therfore I added the group attribute.</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_1-1682430948814.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49778iD530AC1FBF7D2266/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_1-1682430948814.png" alt="AmitYadav_Geo_1-1682430948814.png" /></span></P> <P>&nbsp;</P> <P>Unfortunately still getting the '4014' error <span class="lia-unicode-emoji" title=":disappointed_face:">😞</span> <span class="lia-unicode-emoji" title=":disappointed_face:">😞</span></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmitYadav_Geo_2-1682431055087.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/49779iCE1EE2A608639E38/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmitYadav_Geo_2-1682431055087.png" alt="AmitYadav_Geo_2-1682431055087.png" /></span></P> <P>&nbsp;</P> <P>Any ideas please?</P> <P>Many thanks</P> <P>Amit</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 25 Apr 2023 13:57:57 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/saml-sso-configuration-error-jumpcloud-third-party-idp-provider/m-p/540065#M4225 AmitYadav_Geo 2023-04-25T13:57:57Z