Heading link
copied to clipboard
Troubleshooting Entra ID Federation
- Verify the Reply URL matches exactly in both Entra ID and Delinea Platform.
- Check that users are assigned to the enterprise application in Entra ID.
- Confirm the enterprise application is enabled in Entra ID.
- Review Entra ID sign-in logs for error details.
- Verify the claim mapping includes required attributes.
Authentication fails with certificate errors
- Ensure the token signing certificate in Entra ID is current.
- Check that the certificate thumbprint matches in both systems.
- Verify certificate expiration dates.
- Download and re-upload the metadata file if certificates were rotated.
Groups do not sync correctly
- Confirm group claims are enabled in Entra ID token configuration.
- Verify the group claim name matches your configuration.
- Check that users belong to the expected security groups.
- Review the token payload in browser developer tools.
