Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3149
Views
15
Helpful
6
Replies

ISE 3.0.0.458 Single Click Approval Not Working

Dan Man
Level 1
Level 1

‎10-21-2020 07:34 PM

Good evening!  I've set up our Guest self registration portal.  It works great!  Only two items that are plaguing me right now.  When the user self registers, the sponsor receives the email to Approve or Deny.  The sponsor clicks "Approve", which brings me to the first issues.  It asks the sponsor to authenticate to the sponsor portal.  I did read, and go through the single click approval guide.  I have the correct sponsor portal set up, with the correct identity source sequence.  My AD is registered in ISE, and is a part of the identity source sequence.  The users that are approving are a part of AD.  Within the self registration portal, the sponsor has to approve the guest registration.  Once the sponsor does authenticate, the guest sees the approval go through, on their screen.  At that time the guest has to accept the AUP, before it will let them on.  At that point, they're on, and it redirects them to our company page.  Once the user gets on, I have my second issue;  the sponsor receives a web page that says, "Link is invalid. Please sign on to the sponsor portal to approve/deny guests."; even though the guest has already been approved.  I've read that it could be due to our company logo being added.  I've removed our company logo, but still the same issue is happening.  I've read that in version 2 there is a bug.  I would've assumed that this was fixed going into version 3.  Anyone have any success at correcting these two issue?  Thanks!

1 person had this problem
0 Helpful
6 Replies 6

Dan Man
Level 1
Level 1

‎11-24-2020 09:06 PM

No thoughts?  TAC can’t seem to figure this out.  Customer is on the verge of scrapping ISE in favor of ClearPass

0 Helpful

Aref Alsouqi
VIP
VIP
In response to Dan Man

‎11-25-2020 03:03 PM

Seems like it is a buggy behaviour. I would try to ask TAC to escalate the case.

0 Helpful

tellis002
Spotlight
Spotlight

‎02-04-2021 07:53 AM

I know this is going to sound super weird, but I have been working on the same issue, same ISE version as well.  However, it started working and the only thing I changed was getting ISE to email externally.  All I can think of is something in the token with how I was currently utilizing email within ISE was causing an issue.  

 

 

Dan Man
Level 1
Level 1
In response to tellis002

‎02-04-2021 09:19 AM

That is interesting! I opened a TAC case, and they were able to reproduce the error in their lab. From what TAC told me, they’re going to create an update to address the issue; but I’m going to try your suggestion.

tellis002
Spotlight
Spotlight
In response to Dan Man

‎02-04-2021 09:40 AM

O nice, very interesting.  Well I will watch out for that update then as well.  

0 Helpful

jack.warmya
Level 1
Level 1

‎12-20-2023 05:48 AM

I've got exactly the same issue. Do you have any updates from TAC ? Thanks a lot

First issue:

When the guest user self registers, the sponsor receives the email to Approve or Deny.  The sponsor clicks "Approve", however it still brings the sponsor to the sponsor portal and ask the sponsor to authenticate in order to validate the user request.

Second issue:

Once the sponsor does authenticate, the guest sees the approval go through on their screen.  After accepted the AUP and it redirects them to our company page. 

However, the sponsor receives a web page that says, "Link is invalid. Please sign on to the sponsor portal to approve/deny guests."; even though the guest has already been approved.

0 Helpful
Customers Also Viewed These Support Documents