Error message: SAML 2.0 Authentication Failed: User Identifier Not Found

Problem

I am receiving this error when using SAML 2.0: “SAML 2.0 Authentication Failed: User Identifier Not Found.”

Cause

This happens when a UID or NAME ID is not passed from the ADFS Claim rules.

In ADFS, the Relying Party Trust must have a Claim rule that passes either a UID or a NAME ID value. When you run a Workfront Test Connection, it should show this value if the connection is successful.

Access requirements

You must have the following access to perform the steps in this article:

Adobe Workfront plan: Any

Adobe Workfront license: Plan

Access level configurations: You must be a Workfront administrator. For more information, see Grant a user full administrative access.

NOTE: If you still don't have access, ask your Workfront administrator if they set additional restrictions in your access level. For information on how a Workfront administrator can modify your access level, see Create or modify custom access levels.

Solution

  1. When editing the ADFS information, go to Relying Party Trusts > Select object > Edit Claim Rules.

  2. The LDAP Attribute (left column) should have E-Mail Addresses (or any unique identifier).

  3. The Outgoing Claim Type (right column) should be Name ID.

    NOTE: The LDAP Attribute does not have to be E-Mail Addresses. Any unique identifier that identifies the user can be used, but it must be passed into Adobe Workfront as the NAME ID.
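
To confirm whether the response ADFS sends actually carries a Name ID, the following added example (not Adobe's or Microsoft's code) decodes a Base64 SAML response, such as one captured from the browser during a test sign-in, and reports the identifier it finds. The sample responses are constructed, and the attribute name `uid` and both function names are assumptions.

```python
import base64
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
NS = {"saml": SAML, "samlp": SAMLP}

def find_user_identifier(response_b64, uid_attribute="uid"):
    """Return (source, value) for the user identifier in a SAML response, or None.

    Diagnostic only: no signature validation, so never use this to authenticate.
    uid_attribute is an assumed attribute name; match it to your claim rule.
    """
    root = ET.fromstring(base64.b64decode(response_b64))
    for assertion in root.iter("{%s}Assertion" % SAML):
        name_id = assertion.find("saml:Subject/saml:NameID", NS)
        if name_id is not None and (name_id.text or "").strip():
            return ("NameID", name_id.text.strip())
        for attr in assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS):
            value = attr.find("saml:AttributeValue", NS)
            if (attr.get("Name", "").lower() == uid_attribute.lower()
                    and value is not None and (value.text or "").strip()):
                return ("Attribute:" + attr.get("Name"), value.text.strip())
    return None  # neither a Name ID nor the UID attribute was passed

def build_response(assertion_body):
    """Wrap constructed assertion content in a minimal, unsigned SAML response."""
    xml = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s"><saml:Assertion>%s'
           '</saml:Assertion></samlp:Response>') % (SAMLP, SAML, assertion_body)
    return base64.b64encode(xml.encode()).decode()

# Constructed samples: Name ID present, only an e-mail attribute, only a uid attribute.
EMAIL_ATTR = ('<saml:AttributeStatement><saml:Attribute Name="emailaddress">'
              '<saml:AttributeValue>user@example.com</saml:AttributeValue>'
              '</saml:Attribute></saml:AttributeStatement>')
WITH_NAME_ID = build_response(
    '<saml:Subject><saml:NameID>user@example.com</saml:NameID></saml:Subject>')
WITHOUT_ID = build_response('<saml:Subject/>' + EMAIL_ATTR)
WITH_UID = build_response('<saml:Subject/>' + EMAIL_ATTR.replace("emailaddress", "uid"))

if __name__ == "__main__":
    for label, sample in [("name id", WITH_NAME_ID), ("no id", WITHOUT_ID),
                          ("uid", WITH_UID)]:
        print(label, "->", find_user_identifier(sample))
```

A result of `None` for a captured response means the claim rule is sending the e-mail address (or another attribute) under a claim type other than Name ID.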