SAP Knowledge Base Article - Public

2825398 - Token-Based SSO users not able to login

Symptom

  • SSO user is not able to login on SF
    AND
  • SSO configuration is token-based (MD5-based, SHA1-based, DES/3DES-based)

Environment

SAP SuccessFactors HCM Suite

Reproducing the Issue

SSO user attempts to login on the system but is not allowed to.

Cause

Each token-based SSO user will have their own URL to login. Login URL contain different parameters, meaning that some of them might need a refresh or the URL itself has expired.

Example of parameters: username, password, tklogin_key, expire, callerharsh

Resolution

Generate a new login URL for the affected user(s) and ask them to clear their browser cookies and caches before attempting to login again.

NOTE: URL generation is responsibility of the customer side.

Keywords

token-based, MD5-based, SHA1-based, DES/3DES-based, username, password, tklogin_key, expire, callerharsh , KBA , LOD-SF-PLT-SEL , SSO Errors & Logs , Problem

Product

SAP SuccessFactors HXM Suite all versions