ISSUE
“I am unable to login using SSO”
“I receive an error when logging in with SSO”
“I am unable to login using trusted login”
“I receive an error when logging in with trusted login”
SSO not working
Trusted Login not working
ENVIRONMENT
Ciphr HR
RESOLUTION
Troubleshooting:
Clarify with the employee experiencing the issue which login method they are using. This will be one of the following:
1 - The employee navigates to the below screen (Ciphr Login page) and types in a username and password. This is known as “Ciphr Login”. Please use 1A for guidance on this method:
2 - The employee navigates to the below screen (Ciphr Login page) and clicks the windows/google icon. This is known as “Trusted Login or SSO only”. Please use 2A for guidance on this method:
3 - The employee navigates to the Ciphr login page which then tries to log them in automatically. This is known as “Trusted Login or SSO”. Please use 2A for guidance on this method.
If you would like to check the login method without asking the employee, login into and navigate to the “Account Settings” page which can be found by clicking the 2 Cogs icon in the navigation bar.
If the Login Method is set to “No Restrictions”, the employee will be able to login using Ciphr Login and SSO/Trusted login (if set up):
If the result of this is “Trusted Login or SSO only”, please follow the below guidance:
Trusted Login or SSO Only - please check the below areas and fields to ensure all values are populated correctly:
Employees Contact Details:
- Personal Data > Personal Information > Personal Details > “Contact Details” tab > Contact Email Address – please ensure this field is populated:
Employees User Role:
- System > Security > Role Management > Click into the user role you want/expect the employee to be in > Details > Make sure the “Trusted Login” slider is selected for the user role:
- System > Security > Role Management > Click into the user role you want/expect the employee to be in > Users > Use the search functionality to find the employee > Ensure the slider below is selected – This will ensure the employee is in the user role:
User Role Access:
- System > Security > Role Management > Select the user role the employee is in > Pages > Scroll down or use the search feature to look for the “Account Settings” page. Please ensure at least the “Own Permissions” is set to “Access”:
Username – Ensure this is populated
Login Method – Ensure this is either populated with “Trusted Login or SSO Only” or “No Restrictions”.
Requires Two Factor Auth (2FA) – If this option is selected, the user will be asked to complete a two factor authentication
TFA Setup Completed – If this option is selected, the employee has used 2FA
Password Expiry – Ensure this is either not populated or has a date in the future
Account Enabled From – Ensure equal to or less than today
Account Expiry - Ensure this date is great than today
Account Locked – This will tell you if the account is locked or not. If the account is locked, you can either unlock the account at click the “Forget Password” button – this will send a forgotten password email to the employee
If all the above has been configured, please use the steps below – if the user is still experiencing login issues after this, please contact our Customer Care Team:
Duplicate Email Address Check:
- If there are multiple employees with the same email address in the system, this can cause an error with SSO. This can be identified by running a report. Navigate to Reporting > Report Admin > Report Designer > Insert New Record > Set the master table to “Personal Details” and add in the “Contact Email Address” field > Complete the report and check for duplicate address:
Multiple Job and Pay Records Same Date Check:
- If the employee has multiple Job and Pay records that start on the same date, a “Change No” must be populated in all but one of them. To check this, navigate to Personal Data > Job, Pay & Reward Information > Job and Pay Details > Click into the record that has the same date and make sure the Change No is populated – if not populated, please delete and reinsert the record:
Employee Job Role Reporting into itself Loop Check:
- If using the Jobs file (System > System Configuration > System Settings > “Use Jobs File?”), the reporting line could potentially report into itself which can cause an error when logging in. To check this, navigate to People Admin > Jobs > Search for the Job the employee is assigned to and click into this > “Hierarchy” tab – you should see the below view:
From here, click into the Managers Role which is the box to the top of the page (in this example, “Transport Manager”). Make sure the manager role you can see is not the same role as the employees:
Comments
0 comments
Article is closed for comments.