Skip to contentSkip to navigationSkip to topbar
On this page

Troubleshooting Errors during Test SSO Connection


If you are facing errors in the 'test the SSO connection' step while configuring SSO for Twilio Console, you can troubleshoot the error with the help of the steps mentioned below.


Errors on the Identity Provider Authentication page

errors-on-the-identity-provider-authentication-page page anchor

Page Not Found

page-not-found page anchor

If the test user is redirected from the Twilio page but lands on a 404 Not Found page on the Identity Provider side, it means that the IdP metadata may not be correctly configured on the Twilio SSO Profile.

  • Please check and ensure that the IdP metadata (Issuer ID/Entity Id as well as the Single sign-on URL/Login URL) values are correctly configured. Save the SSO Profile and retry the test SSO connection step.

  • You can also capture the SAML Request from the user's browser and user SAML Request decode tool to view the actual SAML request sent from Twilio and see if the value in SAML request matches with what is configured in the SSO Profile and your Identity Provider.

Not authorized or App not assigned

not-authorized-or-app-not-assigned page anchor

This error is caused when the test user has not been added to the new SAML App you created in your Identity provider. The user needs to have access to the new app so that they can log in and complete the test SSO step.

  • Check and make sure that you have assigned the SAML App for Twilio Console to the test user in your Identity Provider.

Twilio error message after the user is successfully authenticated and redirected from your IdP

twilio-error-message-after-the-user-is-successfully-authenticated-and-redirected-from-your-idp page anchor

Authentication Failed. The Message of SAML response is not signed

authentication-failed-the-message-of-saml-response-is-not-signed page anchor

This error is caused when the message in the SAML response received by Twilio isn't Signed. Twilio requires the message to be signed.

  • Check and ensure that the Signing Option for the SAML response in your IdP is set to send both the Message and the Assertion as 'Signed'.

This error is caused when the received SAML response is invalid. This can most likely happen if you are sending encrypted SAML responses to Twilio.

  • Please check and make sure that the SAML response is set to be sent unencrypted.

This error is caused when the value of the Audience URI/Entity ID in the SAML response does not match the value configured in the Twilio SSO Profile.

  • Please check the entity ID configuration between your identity provider and the SSO profile.

This error is caused when the identity provider doesn't return the RelayState parameter along with the SAML response.

  • Please check your identity provider settings to persist the relay state provided by SP.

Need some help?

Terms of service

Copyright © 2024 Twilio Inc.