Issue setting SSO with ADFS

companies

#1

Hello ,
We have just configured SSO to work with our ADFS according to Hubspot [guide](http://Hello , We have just configured SSO to work with our ADFS according to Hubspot guide , when i do Verify at the end of the process , i am redirected to our ADFS portal with following error sown below , i went trough all the guide again checked in our system couldn't find any setting to pinpoint the current issue. Just to mention tha we have other web app thats works with our ADFS without any issue Please advice Thanks) , when i do Verify at the end of the process , i am redirected to our ADFS portal with following error sown below , i went trough all the guide again checked in our system couldn't find any setting to pinpoint the current issue.
Just to mention that we have other web app that works with our ADFS without any issues
Please advice
Thanks

==================================
 dl Federation Service
An error occurred
An error occurred. Contact your administrator for more information.
Error details

    Activity ID: 00000000-0000-0000-0500-0080000000ff
    Error time: Thu, 13 Dec 2018 10:20:57 GMT
    Cookie: enabled
    User agent string: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0

#4

Welcome, @Tal_Bar-Or!

I see that you spoke with Jessica in HubSpot support via Ticket #2165276.

I'm happy to help you troubleshoot your SSO connection with AD FS, however I want to do so in a more private channel. For that reason, I have opened up a special support ticket. Please let me know if you have not received it.


#5

Update:

We resolved the issue by checking the settings in the AD FS manager and moving a few URLs around.

If you are attempting to set up an SSO connection with AD FS, please follow the steps in this article exactly. Specifically:

  • Enter https://api.hubspot.com/login-api/v1/saml/acs?portalId=[yourHubID] in the initial Configure URL window's Relying party SAML 2.0 SSO service URL field.
  • In the Identifiers tab, enter both https://api.hubspot.com/login-api/v1/saml/login/[yourHubID] and https://api.hubspot.com as URLs in the Relying party identifiers field.
  • In the Endpoints tab, enter only https://api.hubspot.com/login-api/v1/saml/acs?portalId=[yourHubID].