This guide highlights some common errors, and considerations when configuring SSO and managing SSO users.
Managing users in Yext after enabling SSO
If the user sets Is SAML User
, then the system will attempt to create, edit, and save the user as an SSO User.
If Is SAML User
is changed to No
, then SSO access is revoked from the user. When a change to the Is SAML User
field is saved, all of that user’s open sessions will be revoked.
Users without unique usernames
If you attempt to mark a user as Yes
for Is SAML User
, their username must be unique to any other user in the account. If this is not the case, you will see the error message displayed below. If this happens you will need to update the username of that user.
SAML Login Errors
If a user attempts to log in to Yext through their IDP and the SAML login fails the system will display a screen like the following:
If users have trouble accessing your org with single sign-on (SSO), use the login history to determine whether it’s a SAML assertion error or a configuration problem. If it’s an assertion-related error, identify specific assertion problems with the SAML Assertion Validator. Work with your identity provider to ensure that both the SAML assertion and your SSO configuration are valid.
One thing to look out for is to make sure that the username
field must match the user’s username in the Identity Provider; the username
should be the same value as the NameID which is passed in the SAML assertion.