About this article
This article applies to end users who are experiencing the error "Server Error Occurred - please contact Templafy Support" in the Templafy task pane in the Office applications.
Please contact Support and send a screenshot with the Operation ID so they can validate the exact cause of the error.
Prerequisites
Issue description
Some attributes in Active Directory may contain line breaks, and authentication fails as a result. The issue is not caused by Templafy, as we use the standard Sustainsys.Saml2 library to support SAML2 authentication. The error is caused by a bug in ADFS, where the IdP permits multi-line attributes to be used and signs them. This leads to a tampering of the signature, which Templafy as a result cannot decrypt. Because of this issue, cloud IdPs such as Azure, Okta and OneLogin do not allow multi-line values to be inserted in their setup, which mitigates the issue.
Resolution
The solution is to check and ensure that the affected users' ADFS account attributes contain no line breaks or white spaces.
Steps to solve this issue
- Go to an affected user's account in ADFS on-premises.
- Ensure there are no line breaks or white spaces within the attributes in the different sections, putting emphasis on the Street address and Telephone number attributes, since we have experienced the most frequent issues with those two.
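One way to run this check across many accounts instead of opening each one by hand, as an added example that is not part of the original article or Templafy's own tooling. It assumes the ActiveDirectory PowerShell module (RSAT) is available, that the LDAP attributes `streetAddress` and `telephoneNumber` are the ones behind the two fields named above, and that "white spaces" means whitespace at the start or end of a value.

```powershell
# Added example: report AD users whose attribute values contain line breaks
# or leading/trailing whitespace. Read-only; it changes nothing in AD.
Import-Module ActiveDirectory

# LDAP attribute names to audit (assumption: these back the "Street address"
# and "Telephone number" fields; add any other attributes your claims send).
$attributes = 'streetAddress', 'telephoneNumber'

# CR or LF anywhere in the value, or whitespace at its start or end.
$pattern = '[\r\n]|^\s|\s$'

$findings = @(
    foreach ($user in Get-ADUser -Filter * -Properties $attributes) {
        foreach ($name in $attributes) {
            $value = $user.$name
            if ($value -is [string] -and $value -match $pattern) {
                [pscustomobject]@{
                    SamAccountName = $user.SamAccountName
                    Attribute      = $name
                    # Show control characters as visible escapes in the report.
                    Value          = $value -replace "`r", '\r' -replace "`n", '\n'
                }
            }
        }
    }
)

$findings | Sort-Object SamAccountName, Attribute | Format-Table -AutoSize -Wrap
'{0} attribute value(s) need cleaning' -f $findings.Count
```

In a large directory, add `-SearchBase` with the OU of the affected users to `Get-ADUser` to limit the query.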
If it is not possible to adjust the AD attributes due to scaling or other factors, there is an alternative option: adjust the SAML2 configuration so that it does not send the claim that causes the problem, and instead use a data source on the Templafy tenant that contains the required information.
If you need further assistance, please contact support@templafy.com to schedule a troubleshooting session.