I get an "Oops" error with SAML SSO. Why?

An "Oops" error might indicate that the email attribute in the SAML assertion is wrongly configured or missing.

There must be an attribute with the "EmailAddress" name in the SAML Assertion. Haiilo needs this attribute to identify the user who is logging in. "EmailAddress" is the exact attribute name that is expected: it is case-sensitive and should not have any prefixes inside the name. 

Entra ID tends to add the 'http://schemas...' prefix to all assertion attributes by default but it should not be in the "EmailAddress" attribute. It should be displayed like this:


Any prefixes before "EmailAddress" must be removed from the IdP's configuration to successfully integrate with Haiilo.

Was this article helpful?