You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I, as a user with activated MFA on the azure side want to login into SuiteCRM, the login is rejected.
Issue
When trying to login via SAML: Azure AD gives the following error
AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'. Contact the SuiteCRM application owner.
Expected Behavior
I should be logged in w/o the error.
Actual Behavior
I cannot login because of this error:
AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'. Contact the SuiteCRM application owner.
When I, as a user with activated MFA on the azure side want to login into SuiteCRM, the login is rejected.
Issue
When trying to login via SAML: Azure AD gives the following error
AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'. Contact the SuiteCRM application owner.
Expected Behavior
I should be logged in w/o the error.
Actual Behavior
I cannot login because of this error:
AADSTS75011: Authentication method 'X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'Password, ProtectedTransport'. Contact the SuiteCRM application owner.
Possible Fix
Update Settings in https://github.com/salesagility/SuiteCRM/blob/d57e91389d97791fe621d811f03fe05f8f5a7f78/modules/Users/authentication/SAML2Authenticate/lib/onelogin/settings.php
remove the requested AuthN method from the request.
From my POV its unnecessary to require this.
This is also stated by MS in their docs: https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/error-code-aadsts75011-auth-method-mismatch
Steps to Reproduce
Context
Your Environment
The text was updated successfully, but these errors were encountered: