Troubleshooting iHASCO Single Sign-on (SSO)
Listed below are the error codes reported by iHASCO SSO, with a description of the problem and recommended solutions.
A user has successfully authenticated with their identity provider, but iHASCO will not authorise a session because SSO has been configured to only allow access for registered users. Other SSO users are accessing iHASCO without a problem
Add the user manually (or via bulk upload), or modify the SSO configuration to allow access to unregistered users (this is the default).
Still a problem, or problem affects all users?
Check that the SSO configuration is correct (IDP configuration may have changed). Also check that the Security registration method is set to Single Sign On provider in the LMS.
422 Unprocessable Entity
The required user attributes: email address, first name and last name have been incorrectly mapped, or the IDP is now sending different attribute names.
Check that the SSO user attribute configuration is correct (IDP attribute names may have changed).
404 Not Found
An authentication URL was manually (mis)typed by a user.
There should be no need for users to enter any authentication URLs, SSO users only need to visit their iHASCO training URL.
The SAML security assertion has already been sent. This is a security measure to prevent replay attacks.
The user should close the browser and re-attempt login.
405 Method Not Allowed
The identity provider is attempting to initiate an SSO flow.
iHASCO only supports service-provider-initiated SSO. The identity provider must be configured with a start URL set to the iHASCO training URL.
500 Internal Server Error
There is a problem with the SSO application.
Please contact iHASCO support for further investigation. You can call us or open a chat, our contact details are on our website: https://www.ihasco.co.uk/.