Troubleshoot Issues with Identity Provider Setup

SUMMARY This information will help you to resolve common issues when setting up a new identity provider (IdP).

Note:

If you are just getting started with identity provider setup, see Add Identity Providers.

Viewing Errors from the API

As an administrator, you can view failures through the API endpoint /api/v1/orgs/:org_id/ssos/:sso_id/failures.

Error: Invalid Certificate

Problem

This error message appears during IdP setup on the Organization Settings page of the Juniper Mist™ portal.

Cause

This error indicates that the Certificate field in the IdP window is missing required information, such as the header and footer.

Solution

Download the certificate, copy the full text of the certificate (including the header and footer), and paste the full text into the Certificate field on the IdP window.

First-Time Login Issues

Problem

This issue occurs when users are logging in to the Juniper Mist portal for the first time.

Cause

The first time that someone logs in, they need to use the SSO URL or another IdP-initiated login method. This step is necessary to establish a user's Juniper Mist account as an SSO account. After that, users can use the SSO URL or go directly to the Juniper Mist portal (manage.mist.com).

Solution

Advise users to use the SSO URL or another IdP-initiated login method the first time that they log in to the Juniper Mist portal.

Error: Email Already Taken

Problem

This error appears during login. It indicates that the user already has a Juniper Mist account. Typically, this error occurs when someone is trying to use the same email address for a local Juniper Mist account and an SSO account.

Solution

Consider deleting the user's local account on the Juniper Mist portal. A Juniper Mist organization requires only one local account. For all other users, a local account is not necessary. They can delete their local accounts, and this will resolve the "email already taken" issue.

Another option is to set up the two accounts (local and SSO) with different email addresses.

Missing User Names

Problem

In this scenario, the user name is not showing up in the Juniper Mist portal.

Cause

This issue occurs when the SAML configuration is missing the FirstName, LastName, Role, and Name ID attributes.

Solution

In the IdP portal, update the SAML configuration to include the missing attributes.
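One way to confirm which attributes the IdP is actually sending before changing its configuration, shown as an added example (not Juniper's code). It assumes you have captured a SAML assertion from a test login and decoded it to XML; the function name is hypothetical, the attribute names are the ones listed on this page, and treating an empty value as missing is an assumption.

```python
import xml.etree.ElementTree as ET

# Standard SAML 2.0 assertion namespace.
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Attribute names as listed on this page; matching is case-sensitive (assumption).
REQUIRED_ATTRS = ("FirstName", "LastName", "Role")


def missing_saml_fields(assertion_xml: str) -> list[str]:
    """Return the required fields that are absent or empty in a decoded assertion.

    Hypothetical helper. Run it only on assertions captured from your own
    IdP test login; it is a diagnostic, not a validator for untrusted input.
    """
    root = ET.fromstring(assertion_xml)
    missing = []

    # Name ID is carried in the Subject element, not in the attribute statement.
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        missing.append("NameID")

    # Record each attribute by name and whether it carries a non-empty value.
    present = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        present[attr.get("Name")] = any(values)

    # An attribute that is sent with no value counts as missing (assumption).
    missing.extend(name for name in REQUIRED_ATTRS if not present.get(name))
    return missing


# Constructed sample: LastName is sent empty and Role is not sent at all.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="FirstName"><saml:AttributeValue>Alice</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="LastName"><saml:AttributeValue></saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    print(missing_saml_fields(SAMPLE))
```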