After redirection from the external Identity Provider (IdP) to the Workspace, a 401 Unauthorized message is shown.

1 users found this article helpful

Applies to:
- Parallels Secure Workspace
Last Review: Oct 26, 2023
Related Articles:
- Using Microsoft Active Directory Federation Services to sign in to the Workspace (SAML)
Available Translations:
Get updates

Symptoms

After redirection from the external Identity Provider (IdP) to the Workspace, a 401 Unauthorized message is shown.
In the appliance's log files, this error message can be seen: Unable to get username from SAML response.

Possible causes:

An incorrect username claim was specified.
An incorrect configuration of the claim issuance on the external Identity Provider (IdP).

Verify the configuration of the claims on the external IdP.
- When using Active Directory Federation Services (ADFS), check Using Microsoft Active Directory Federation Services to sign in to Parallels Secure Workspace (SAML) .
Verify the username claim in Parallels Secure Workspace, configured under System Settings > Configure > User Connector: Federated Authentication.
- Default:
  - For Microsoft ADFS: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
  - For Azure: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

Tell us how we can improve it.