There are a couple reasons why you might see an error that says
"Login Failed: We cannot authenticate you using SSO Reason: No SAML Signature"
Reason 1: The user does not have a PIN assigned and is trying to sign in using their email address and PIN to an org configured for Single Sign On (SSO).
- Resolution 1: Ensure the user is able to successfully communicate with your SSO server via your local company network, VPN or a publicly available SSO proxy.
- Resolution 2: If you would like the user to have the option of using Silo without access to the SSO server - Reset the password for the user and they should be prompted for the password and then given the opportunity to create a PIN on the next session.
- Resolution 3: Ensure that the user is setup to use SSO properly. Make sure the client SSO keys are set in the registry. You can save the text below as a .reg if you want to add the keys to the registry. If you are updating your registry be sure to replace <your portal name> with the correct value from the Silo Admin Console e.g. authentic8 :
Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Authentic8, Inc.\Authentic8] "IEWebViewURL"="https://getsilo.com/sso/saml/client/<your portal name>/" "IEWebViewMode"=dword:00000002
The user should see "Connecting to the SSO Domain" when they run Silo if it is properly configured for SSO.
Reason 2: The computer clock is more than five seconds out of sync with the atomic clock.
- Resolution: Ensure that your computer clock is synchronizing with your server clock and the server clock is synchronizing with a known good NTP provider. More information can be found here http://www.ntp.org/