In this troubleshooting guide, we run through different scenarios that you may face when enforcing SAML single sign-on with Azure AD and how to resolve them.
In this article:
- My certificate expired and I lost access to Productboard. How can I update the new certificate?
- I've authorized SAML SSO, but I forgot to add any users in my IdP — what should I do?
- What should I do if I receive the error AADSTS50105?
- What should I do if I receive the error AADSTS700016?
- What should I do if I receive an "Invalid ticket" error?
My certificate expired and I lost access to Productboard. How can I update the new certificate?
Reach out to us through the nifty Zendesk widget in the bottom right of the page, or email us at email@example.com. We can disable the SAML for you and then you will be able to log in and update the certificate manually.
I've authorized SAML SSO, but I forgot to add any users in my IdP — what should I do?
If you feel you aren't ready and need to turn off your authorized SAML SSO settings from the space, the owner of the space can contact our Support team and we'll remove it easily. However, we need an admin who has ownership of the space to request this.
What should I do if I receive the error AADSTS50105?
This occurs when a user is trying to log in using an Azure account but hasn't yet been granted access through your Azure AD. Please see the Grant access for the Azure AD user section ****or ask your Productboard admin to grant you access in Azure AD .
What should I do if I receive the error AADSTS700016?
This occurs when something is missing in your Azure AD configuration. Please go to Enterprise Applications → All applications → Productboard → Manage section → Single sign-on and make sure the Entity ID and Reply URL are properly set.
You may also see this error when trying to configure multiple Productboard workspaces. A Single Azure AD instance does not allow for two applications to share the same Audience/Entity ID. Please see the Configuring access to multiple Productboard workspaces section for more help.
What should I do if I receive an "Invalid ticket" error?
This error occurs when something is not configured properly and you try to log in in the Productboard app. The easiest way to fix this is to start the configuration process again in Azure AD and double-check that everything is set according to our tutorial.
If you see this error and are having issues setting SAML configuration in Productboard again (you logged out and can't get back in), contact our Support Team, and we will disable SAML SSO in your workspace, allowing you to set it again.