| copyright | lastupdated | keywords | subcollection | ||
|---|---|---|---|---|---|
|
2019-12-09 |
help, support, error, multiple users, attribute, ticket, identity provider, redirect uri, custom url, virtual user, idp, identity settings, user profile |
appid |
{:external: target="_blank" .external} {:shortdesc: .shortdesc} {:screen: .screen} {:pre: .pre} {:table: .aria-labeledby="caption"} {:codeblock: .codeblock} {:tip: .tip} {:note: .note} {:important: .important} {:deprecated: .deprecated} {:download: .download} {:tsSymptoms: .tsSymptoms} {:tsCauses: .tsCauses} {:tsResolve: .tsResolve} {:troubleshoot: data-hd-content-type='troubleshoot'} {:support: data-reuse='support'}
{: #troubleshooting}
If you have problems while you're working with {{site.data.keyword.appid_full}}, consider these techniques for troubleshooting and getting help. {: shortdesc}
{: #ts-gettinghelp}
You can get help by searching for information or by asking questions through a forum. You can also open a support ticket. When you are using the forums to ask a question, tag your question so that it is seen by the {{site.data.keyword.cloud_notm}} development teams.
- If you have technical questions about {{site.data.keyword.appid_short_notm}}, post your question on Stack Overflow
and tag your question with "ibm-appid". - For questions about the service and getting started instructions, use the IBM Developer Answers forum. Include the
appidtag. - Reach out directly to the development team on Slack!
For more information about getting support, see how do I get the support that I need.
{: #ts-signin-fail} {: troubleshoot} {: support}
{: tsSymptoms} A user signs in to your application through an identity provider's sign in page, and either nothing happens or the sign-in fails.
{: tsCauses} Sign-in might fail for the following reasons:
- Your redirect URL was not properly added to the whitelist.
- The user is not authorized.
- The user tried to sign in with the wrong credentials.
{: tsResolve} For a redirect to occur:
- Verify that your redirect URL is correct. It must be exact for the redirect to work.
- Be sure that your user is signing in with the correct credentials
- Check that they're configured in your identity provider user settings.
{: #ts-custom-uri}
{: tsSymptoms} When you enter a web redirect URL that uses a custom URL Scheme, it is rejected by the {{site.data.keyword.appid_short_notm}} console.
{: tsCauses} Your URL might be rejected for the following reasons:
- The URL does not follow an
httporhttpsscheme - The URL ends with
:// - There is a typographical error in your URL
The limitations are in place for security purposes.
{: tsResolve} To resolve the issue, verify that the URL is correct. If your URL does not meet the requirements, you can create an HTTPS endpoint in your app to redirect the received grant code to your custom URL. Specify the created endpoint as your redirect URL in the {{site.data.keyword.appid_short_notm}} console. For more information about redirect URIs, see Adding redirect URIs
{: #ts-redirect}
{: tsSymptoms} A user tries to sign in to your application, but the sign-in page doesn't display when prompted.
{: tsCauses} The identity provider can fail for several reasons:
- The redirect URI that is listed in {{site.data.keyword.appid_short_notm}} is written incorrectly.
- The identity provider doesn't recognize the authentication request.
- The identity provider expects HTTP-POST binding.
- The identity provider expects a signed AuthnRequest.
{: tsResolve} You can try some of these solutions:
- Update your sign-in URL. This URL is sent as part of the
AuthnRequestand must be exact. - Be sure that your {{site.data.keyword.appid_short_notm}} metadata is set correctly in your identity provider settings.
- Configure your identity provider to accept the
AuthnRequestin the HTTP-Redirect. - {{site.data.keyword.appid_short_notm}} does not support signing
AuthnRequests.
If none of the solutions work, it is possible that you might have a connection issue. {: tip}
{: #ts-saml-attribute}
{: tsSymptoms} An attribute value exists in a user profile, but it's not associated with the correct attribute.
{: tsCauses} The user profile attribute is not mapped correctly.
{: tsResolve} Map the attribute in your identity provider settings. {{site.data.keyword.appid_short_notm}} expects the following attributes:
nameemaillocalepicture
{: #ts-requests} {: troubleshoot} {: support}
{: tsSymptoms} You attempt to view the home page of your app but receive the following error:
{"error_code":"too many requests","error_description":"too many requests"}
{: screen}
{: tsCauses}
You might receive a too many requests error if you are performing automated testing with only one virtual user. Each user is limited to five sign-in attempts in a 1-minute time span. Sign-in attempts are limited in order to prevent brute force DDoS and other types of similar attacks.
{: tsResolve} To resolve the issue, you might want to use multiple virtual users when you perform testing.
{: #ts-verification}
{: tsSymptoms} Your users don't receive an email when the sign-up, forgot their password, change their password or to verify their account.
{: tsCauses} A user might not receive their requested email because it is sent to spam, there is a misconfiguration, or an internal error.
{: tsResolve} To resolve this issue, you can try the following solutions:
- Verify with the user that the email was not sent to their spam folder. If it was, have them mark the sender as
not spam. To avoid this, consider bringing your own email sender. - Verify your messaging configuration.
- Ensure that a resend option is present on your sign-in screen so that your user can request that an email is resent if an internal error occurs.
If you add a user through the {{site.data.keyword.appid_short_notm}} dashboard, the user is verified automatically and does not receive an email. {: note}