| Professional | Business | Enterprise |
|---|---|---|
Single Sign-On (SSO) allows you to access Document360's Knowledge base portal using your existing credentials from another identity provider (IdP). This eliminates the need to remember multiple passwords.
Logging in using SSO
To log in to the Knowledge base portal using SSO:
Open your web browser and enter the URL of the Document360 Knowledge base portal you want to access.
In the Email or Subdomain field, enter your email address or domain name.
Once you've entered your email or domain, click the Continue with SSO button.
You will be redirected to your IdP's login page. Enter your credentials to authenticate.
After successful authentication, you'll be automatically logged into Document360's Knowledge base portal.
IdP initiated sign-in
If the Allow IdP initiated sign-in option was enabled during the SSO configuration process, you can also log in directly from your IdP's dashboard. This means you don't need to visit the Document360 Knowledge base portal first. Simply navigate to your IdP's dashboard and look for the Document360 application. Click on it to initiate the login process.
By following these steps, you can easily and securely access Document360's Knowledge base portal using your existing SSO credentials.
Troubleshooting
If you encounter issues while logging in to the Knowledge base portal using SSO, refer to the following common errors and their solutions:
User access not assigned in IdP
Error: Sorry, but we’re having trouble signing you in. Your administrator has configured the application Document360 to block users unless they are specifically granted (assigned) access to the application.
This error indicates that users are not assigned to the Document360 application in the Identity Provider (IdP).
Steps to resolve:
To resolve this issue,
Log in to the identity provider’s portal.
In the identity provider’s portal, navigate to Applications, and select the Document360 application.
Add the required users or groups to the Document360 application.
Once the users are added, they should be able to access Document360 without encountering the error.
No projects associated with email address
Error: There are no projects associated with this email address. Please contact your Project administrator.
This error indicates that the user’s account is not linked to any project in Document360. This can happen if the user has not been added, or has been removed to Document360, but their account is linked to the Identity Provider (IdP).
Steps to resolve:
To resolve this issue,
Log in to the Knowledge base portal as an administrator.
Select the project where the user needs access.
Navigate to Settings () in the left navigation bar in the Knowledge base portal.
In the left navigation pane, navigate to Users & security > Team accounts & groups.
Check if you have added the user as an SSO account.
If the user's account exists but is not an SSO account, select the checkbox next to their account and click Convert to SSO account option.
If the user is not listed as an SSO account, click Add > Team account and select the SSO user checkbox while creating the account.
Email address missing in SAML/ODIC response
Error: Email address is missing in SAML/ODIC response, please check your SSO configuration or contact support.
This error typically occurs when the email or name attributes in the SAML/ODIC response are not configured correctly in the Identity Provider (IdP). These attributes are case-sensitive, so it is important to ensure they match exactly as specified in the configuration.
Steps to resolve:
To resolve this issue,
Check attribute mapping in the Identity Provider (IdP)
Log in to your Identity Provider (IdP) as an administrator.
Verify that the attributes for email and name are mapped correctly.
Confirm that the attribute names match exactly as specified in the Document360 documentation. For example,
Correct: “email” and “name”.
Incorrect: “Email”, “EMAIL”, “Name”, or “NAME”.
Update SSO configuration in Document360
Log in to the Knowledge base portal as an administrator.
Select the project where the SSO is configured.
Navigate to Settings () in the left navigation bar in the Knowledge base portal.
In the left navigation pane, navigate to Users & security > SAML/OpenID.
Select Edit () for the existing configuration.
Navigate to the IdP configurations section and ensure the mapped attributes in Document360 correspond to those configured in the IdP.
Save the updated configuration.
Now, test the SSO login to confirm that the issue is resolved.
Single sign-on is not enabled for this email
Error: An error occurred while handling the request and ‘Single sign-on isn’t enabled for this email’
This error indicates that the user's email is not correctly configured in the Identity Provider (IdP) or in Document360.
Steps to resolve:
To resolve this issue,
Log in to the identity provider’s portal.
In the identity provider’s portal, navigate to Applications, and select the Document360 application.
Check if the team accounts/readers are added to the Document360 application.
If the team account/reader is missing, add them and assign the necessary permissions.
Next, check if the SSO configuration has been completed correctly in Document360. To verify if the SSO configuration are correct, check the details from the SAML and OpenID articles.
If the issue persists, please contact the Document360 support team with the screenshots of the IdP configuration and Document360 SSO configuration.
Unable to login via SSO
Error: Single Sign-on is not enabled for this subdomain
This error occurs when the incorrect subdomain or knowledge base portal link is used during login. It commonly happens if the project is hosted on one domain (e.g., US) but is being accessed through a different domain (e.g., EU).
Steps to resolve:
Verify Your Subdomain and Portal URL
Ensure you are using the correct subdomain and accessing the right Document360 portal.
If your project is hosted in the US domain, use: https://portal.us.document360.io/
If your project is hosted in the EU domain, use: https://portal.document360.io/
Check Your Subdomain
Navigate to Settings () in the left navigation bar in the Knowledge base portal.
In the left navigation pane, navigate to Knowledge base portal > Custom domain.
In the Custom domain page, you can view your project link. If your project link is
https://test1.document360.io, then your subdomain is "test1".You can also find your subdomain on the Configure the Service Provider (SP) page under from your SSO Configuration.
SSO login failure
Error: This page isn’t working - identity.us.document360.io is currently unable to handle this request. HTTP ERROR 500.
This issue occurs due to a change in the identity certificate. The signing certificate for authentication is rotated every three months, and if the updated certificate is not configured correctly in the Identity Provider (IDP), authentication may fail.
Steps to resolve:
Follow these steps to resolve the issue:
Ensure that you configure the metadata URL correctly in the Identity Provider (IdP). This URL is available on the SSO page in Document360 and reflects the latest signing certificate information.
If the issue persists, contact support@document360.com for assistance.
FAQs
Why can't I access a project despite being granted access?
If you're unable to access a project, it could be because you are added as an SSO user for some projects and a non-SSO user for others. Please ensure you are using the correct login credentials (non-SSO for non-SSO projects).
If the issue persists, contact our support team for further assistance.
Why am I encountering a 500 error when using SSO authentication to access my Knowledge base portal?
If SSO authentication is causing a 500 error, it may be due to an outdated SAML certificate. First, check if your site is set to public, as SSO authentication is typically used for secure access. Updating the SAML certificate on your end should resolve the issue.