SAML SSO Failures and Failure Codes

Modified on Thu, 16 May 2024 at 04:34 PM

Hard Failures


Each code, the failure it names, and a description are listed below:


Code: SAML SSO Failure

  • Description

 


HF01: Bad Http SAML2 Request

  • Incorrect HTTP method
  • Request is a POST, not a GET


HF02: Invalid portal authentication type

  • Portal making SAML Request is not authentication type SSO SAML2
  • Configure Single Sign-On via the SHW's Admin Website


HF03: SAML Assertion Already Used

  • SAML assertions are cached to prevent replay attacks


HF04: Form is missing variable SAML Response

  • Missing required XML tag <Request> in the SAML Response


HF05: SAML Assertion Signature is not signed

  • SAML Response does not contain an XML Signature


HF06: Error verifying response signature

  • Unable to verify the XML response signature using the known IdP public key
  • Invalid SAML response signature or invalid IdP certificate


HF07: SAML Response Status is not a success status

  • Either:
    • Missing required XML tag <Status> in the SAML Response
    • Missing required XML tag <StatusCode> in the SAML Response
    • Value of <StatusCode> is not "urn:oasis:names:tc:SAML:2.0:status:Success"

Example:


<samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>


HF08: Encrypted assertion is not found in SAML response

  • Either:
    • Missing required XML tag <EncryptedAssertion> in the SAML Response
    • There is more than one encrypted SAML assertion


HF09: Decryption failed of SAML certificate

  • Unable to decrypt the encrypted assertion using the stored SP key


HF10: XML deserialization failed of SAML certificate

  • Unable to deserialize the SAML assertion


HF11: Unexpected error decrypting SAML assertion

  • Unexpected error occurred while decrypting the SAML assertion
  • Contact Avidon Health for technical support


HF12: Issuer Id not found

  • Issuer Id in SAML Response does not match what is expected
  • Configure Single Sign-On via the Admin website


HF13: Unexpected exception

  • Unexpected exception occurred
  • Contact Avidon Health for technical support


HF14: Missing SSO Member Attributes

  • No SSO member attributes have been configured for this portal
  • Configure Single Sign-On via the Admin website


HF15: No mapping for required Keyfield Member Attribute

  • Missing required SSO Member Attribute 'KeyField'
  • Configure Single Sign-On via the SHW Admin website


HF16: Cannot find returning SSO user

  • Internal error—unable to find identity profile for returning portal member
  • Contact Avidon Health for customer support


HF17: Invalid User

  • Portal Registration—One or more attributes threw an error (e.g., CustomField1 has an incorrectly formatted value)
  • This is a catch-all for SAML Attributes


HF18: Portal is not configured for SLO

  • This portal has not been configured to use Single Log Out
  • Configure Single Sign-On via the Admin Website


HF19: Portal Member status is not active or account has been deleted

  • Portal Member's account is not in the correct state to allow login
  • Contact Avidon Health for customer support


HF20: No mapping for required PortalName Member Attribute

  • Missing required SSO Member Attribute 'PortalGroup'
  • Configure Single Sign-On via the Admin website


HF21: SAML Request does not contain a value for Keyfield

  • Provide a value for required SSO Member Attribute in SAML Request


HF22: SAML Request does not contain a value for PortalGroup

  • Provide a value for required SSO Member Attribute in SAML Request
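
The structural conditions behind HF05, HF07 and HF08 can be checked on a SAML Response captured from your own IdP before contacting support. This is an added example, not Avidon Health's code: the function names are hypothetical, and it assumes a base64-encoded SAMLResponse value whose signature is a direct child of the Response element. It does not verify the signature (HF06) or decrypt the assertion (HF09), since both need key material.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"


def preflight(saml_response_b64):
    """Return every structural hard-failure code the response would match.

    Lists all matches rather than stopping at the first one. Intended for
    responses from your own IdP; use a hardened parser such as defusedxml
    for XML from untrusted sources.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    codes = []
    # HF05: assumption - the Response itself carries the XML Signature.
    if root.find("ds:Signature", NS) is None:
        codes.append("HF05")
    # HF07: <Status> missing, <StatusCode> missing, or Value is not Success.
    status_code = root.find("samlp:Status/samlp:StatusCode", NS)
    if status_code is None or status_code.get("Value") != SUCCESS:
        codes.append("HF07")
    # HF08: exactly one <EncryptedAssertion> is expected.
    if len(root.findall("saml:EncryptedAssertion", NS)) != 1:
        codes.append("HF08")
    return codes


def sample(status=SUCCESS, signed=True, assertions=1):
    """Constructed input: a skeletal Response with empty placeholder elements."""
    body = "<ds:Signature/>" if signed else ""
    if status is not None:
        body += '<samlp:Status><samlp:StatusCode Value="%s"/></samlp:Status>' % status
    body += "<saml:EncryptedAssertion/>" * assertions
    xml = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" xmlns:ds="%s">'
           "%s</samlp:Response>" % (NS["samlp"], NS["saml"], NS["ds"], body))
    return base64.b64encode(xml.encode())


if __name__ == "__main__":
    print(preflight(sample(status=None, assertions=2)))
```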
