Details:
A few steps occur when a new user obtains login access to a Signals Clinical deployment. The below troubleshooting checkpoints are marked with asterisks ***.
User gets licensed to use the tenant
The Revvity DevOps Team and Fulfillment Team are responsible for this.
The Customer Administrator invites a new user via the Signals Clinical configuration
Per the Quick Start Guide, a customer's designated Administrator creates a new user account via the Configuration tab. This action triggers Signals Clinical to email an invitation to the user.
*** If the user does not receive the email invitation ...
a) Verify the Administrator used the correct email address.
b) Confirm that the end user has added "noreply-scl@revvitycloud.com" to the Outlook safe senders list (and "noreply-scl-dev@revvitycloud.com" if the customer has a UAT account).
c) Does the Signals website indicate a status of "Invited" for the user?
d) Request that the Revvity DevOps Team check if the Signals Clinical app server sent the email request, and is there record of any email bounce back message or Non-Delivery Report (NDR)?
*** If the new user clicks the Activate button in the email invitation and gets a 'Not Found' message ...
a) Review the Single Sign On (SSO) settings and the External SAML Configuration settings described in the Quick Start Guide. Note that the Activate button directs the user to the Signals Clinical URL provided in the email, which should direct the user to the customer IDP, which may auto-login if the user is on a company machine, which then uses the callback URL to tell Auth0 that the user is a valid user in the customer IDP. Auth0 then creates the user, authorizes the login and the user account moves from 'Invited' to 'Active' in Signals Clinical.
b) If possible, download the Metadata file and include with reports of your issue. This file is available from the General Configuration tab of the Signals Clinical site.
c) In some cases it may be necessary to re-upload the current metadata file before testing again.
Customer Administrator adds the User account to the external authentication system
Signals Clinical allows for several types of external authentication, which differ in regard to configuration settings. Refer to the the Quick Start Guide and the User Guide for further detail, possibly. Some examples are listed below.
*** Determine in the Signals Clinical site if External SAML has been configured, and the type of system.
a) PingOne only requires an Entity ID and a call-back URL;
b) Azure requires an Entity ID and both a call-back URL and a sign-in URL;
c) Okta requires an Entity ID, call-back URL and user account mapping in step 3 of SCL SSO configuration. It does not require a sign-in URL.
Note that the Signals website will indicate a status of "Active" (rather than Invited) as soon as the user logs in successfully.
Comments
0 comments
Article is closed for comments.