03-13-2024 03:36 AM - edited 03-13-2024 03:40 AM
Hello Team,
i am facing issue on UCCX 12.5SU3 where it's SSO enabled, the integration with the IdP looks good.
however, if i try to login to appadmin page using SSO, the authentication success but the UCCX shows
"Access Denied
The attempted action is not allowed because it violates security policies."
does anyone have any clue why this is happening ?
03-13-2024 03:43 AM - edited 03-13-2024 03:44 AM
You are being automatically logged in via SSO with your Windows User. That's what SSO is there for.
But I assume, your user is not added to UCCX and / or doesn't have the correct priviliges.
You should use the "recovery URL" instead.
03-13-2024 03:48 AM - edited 03-13-2024 03:49 AM
thanks for response @b.winter
i am trying to login with different user than the windows user
when i access the appadmin page i get redirected to a SSO login page in our IdP
i enter the username and password and the login success
after that i get redirected again to the (https:/FQDN/appadmin/main)
showing the error message above.
i wanted to note that i am using account (uid@domain1) to login to the SSO where the login success
and the UCCX FQDN is (ccx@domain2) is that difference in domain could cause this issue ?
03-13-2024 03:56 AM
"enter the username and password and the login success": Which username / password? You cannot use the default admin (which was set during Installation of the VM) in the SSO page, because it is not AD. But that should be logical.
The user you use for login via the SSO page needs to be a user in UCCX and have the correct priviliges.
And again: If you wanna use the default admin to login, you have to use the recovery url, to bypass SSO authentication.
03-13-2024 04:01 AM
yes i understand that the default admin user need to be used in the recovery URL
i am using another user for example (ccxuser@domain1) this in the CCX and have administrator rights.
if i disable the SSO and try to login with that user, everything works well and i can access the appadmin page
but this only happen in SSO login.
03-13-2024 05:01 AM
The admin guide states the following:
But maybe you should check the Tomcat logs for further details.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide