Error Message: SAML 2.0 Authentication Failed: User Identifier Not Found

***

Problem

I am receiving this error when using SAML 2.0: "SAML 2.0 Authentication Failed: User Identifier Not Found."

Cause

This happens when a UID or NAME ID is not passed from the ADFS Claim rules.

In ADFS, the Relying Party Trust needs to have a Claim rule that passes either a UID or a NAME ID value. When you run a Workfront Test Connection, a successful test should show this value.

Solution

  1. When editing the ADFS info, go to Relying Party Trusts > select the object > Edit Claim Rules.
  2. The LDAP Attribute (left column) should have E-Mail Addresses (or any unique identifier).
  3. The Outgoing Claim Type (right column) should be Name ID.
    NOTE: The LDAP Attribute does not have to be E-Mail Addresses. Any unique identifier that will identify the user can be used, but it must be passed into Workfront as the NAME ID.
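
To confirm what the claim rule actually sends, you can inspect the base64 SAMLResponse value captured from the sign-in POST. The following is an added example, not Workfront or ADFS code: the function names, the sample responses, and the assumption that a UID arrives as an attribute named "uid" are all illustrative.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"

def find_user_identifier(saml_response_b64, uid_attribute="uid"):
    """Return (source, value) for the identifier in the response, or None.

    Diagnostic only: the signature is not validated, so never use the
    result to make an authentication decision.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    # A Name ID claim is emitted as <saml:Subject><saml:NameID>.
    name_id = root.find(".//saml:Assertion/saml:Subject/saml:NameID", NS)
    if name_id is not None and (name_id.text or "").strip():
        return ("NameID", name_id.text.strip())
    # Assumption: a UID would arrive as an attribute named uid_attribute.
    path = ".//saml:Assertion/saml:AttributeStatement/saml:Attribute"
    for attr in root.iterfind(path, NS):
        value = attr.find("saml:AttributeValue", NS)
        if attr.get("Name", "").lower() == uid_attribute.lower() \
                and value is not None and (value.text or "").strip():
            return ("Attribute:" + attr.get("Name"), value.text.strip())
    return None

def _build_response(subject_xml, attributes_xml=""):
    """Build a constructed, unsigned sample response (base64, as POSTed)."""
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
           "<saml:Subject>" + subject_xml + "</saml:Subject>"
           + attributes_xml + "</saml:Assertion></samlp:Response>")
    return base64.b64encode(xml.encode()).decode()

# Constructed samples. WORKING: the claim rule maps the e-mail to Name ID.
WORKING = _build_response("<saml:NameID>user@example.com</saml:NameID>")
# FAILING: the same value is sent, but as an E-Mail Address claim, so the
# assertion has no NameID and no uid attribute.
FAILING = _build_response(
    '<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>',
    '<saml:AttributeStatement><saml:Attribute Name="' + EMAIL_CLAIM + '">'
    "<saml:AttributeValue>user@example.com</saml:AttributeValue>"
    "</saml:Attribute></saml:AttributeStatement>")

if __name__ == "__main__":
    for label, sample in (("WORKING", WORKING), ("FAILING", FAILING)):
        print(label, find_user_identifier(sample))
```

A result of None on your own captured response means the Outgoing Claim Type in the rule is not Name ID, even if the e-mail address itself is present in the assertion.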

***

This might be moved to an FAQ for Admin and Setup OR to an "error documentation" article, when the team decides what that article looks like. For now, it is cleaned up and within the TTT for Admin and Setup. 

This article last updated on 2018-06-29 20:28:30 UTC