Seamless Rollout Troubleshooting

Single Sign-On (SSO) with Browser Extension Rollout can be a powerful way to enhance security and streamline access to various applications for users. 

However, like any technology implementation, it can come with its own set of challenges. 

General advice 

Please make sure that all the data you implement is correct and has the right syntax.

Here are some common issues that organizations may encounter when using SSO with browser extensions:

Error Messages

After visiting

Invalid CompanyID
  • Review with Userlane Customer Success Manager that correct companyID is used.
Invalid Signature
  • Try renewing the certificate. This requires your IT to provide a new certificate code.

  • Add the new certificate to the Userlane Portal.

Error status Code 500
  • Reach out to Userlane Customer Success Manager to review datatype settings.
PEM_read_bio_PUBKEY failed
  • Check that the certificate in the Userlane Portal from the customer’s metadata .xml is correct and not missing any characters with help of their developers.

Outdated certification
  • Add a new certificate into Userlane Portal.

Invalid certificate format
  • Review certificate format. Check for blank spaces, missing content or additional content.
  • Set up SSO trust for Userlane.

If the link opens the login page of your IDP and shows no error but you are still not authenticated (no Company User shown in the Userlane Portal), check the Entry Point URL, it usually should contain the word "SAML". Check the XML file for the right entry point URL.

Extension shows "Userlane not running"

Review setup

Make sure companyID, integrityToken and region are set up correctly for respective browser and use the right syntax. 

Allow 3rd party cookies

Some browsers block 3rd party cookies by default, including the ones coming from Userlane. This will block some of the Userlane elements. You can check if this is the case by allowing all cookies in your browser settings (only for the sake of testing). If this has solved the problem, you can put your app's and Userlane's domain ([*.] in your browser's "3rd party cookie allowed list" and switch the main cookie setting back to default. You may need to ask your colleagues in IT for help.

Deactivate any Adblockers

Some adblockers can prevent any cookies collection. Allow Userlane for your adblocker or deactivate it.

Make sure that your segmentation is set up

Make sure that the user profile you use in your application matches these segmentation settings and the user is supposed to see content.

Content Security Policy

Should you have chosen Iframe as SSO Window Mode, it could be that your Content Security Policy does not support Iframes. In this case, please try using Inactive Tab as alternative SSO Window Mode. 

Separate window opens asking to log in again and does not close automatically

Security Software blocks content or User is not connected to company's network. 

User Icon

Thank you! Your comment has been submitted for approval.