What to do when things turn pear-shaped.

While an SSO can be considered a fairly simple connection, there are still things that can go wrong.
In this article, we'll look into a few of the most common errors encountered.

Errors in Winningtemp vs. Identity Provider

SSO errors can generally be separated based on which end of the connection they occur.
If the user encounters an error within the login portal of your IdP (Identity Provider), it will be related to an issue on the customer side and is best investigated by your own IT.

If the error is encountered in the Winningtemp portal, it will relate to incorrect data in your instance of WT.
Even now, it's not necessarily time to contact support. Take a look at the errors below, and perhaps you'll discover the issue directly.

Error: No matching username

This is an error in the Winningtemp portal, and is by far the most common error encountered here.
The error relates to the system not finding any username in your instance of WT that matches the one provided by the IdP.

Which means one of two things:

  • Either the user in question as not been created yet, so there is no account for which to match the username to
  • Or, the username in WT does not match the email provided by the IdP, usually because the email has changed at some point and not been updated in WT prior to this login attempt

Error: User not part of access group

This is an error on the IdP side, and simply means the user that made the login attempt is not part of the access group that your administrator set up for the SSO application.

Either the user shouldn't have access to WT, or someone missed adding them to the right group(s).
Whatever the case may be, it's up to your IT to tackle the issue.