web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics 365 | Integration, Dataverse... / Loggin into to Dynamic...
Microsoft Dynamics 365 | Integration, Dataverse...
Suggested Answer

Loggin into to Dynamics 365 from OneLogin

(4) ShareShare
ReportReport
Posted on by BW-15082100-0 13
Until recently (with no alterations made to OneLogin aor Dynamics that I know of) we started receiving the following error when trying to access out Dynamics 365 Hub from our OneLogin SSO page:
 

 

Error

An error has occurred.

Try this action again. If the problem continues, check the Microsoft Dynamics 365 Community for solutions or contact your organization's Microsoft Dynamics 365 Administrator. Finally, you can contact Microsoft Support.
 

 
 
  • Timestamp: 8/15/2025 8:58:03 PM UTC
  • Service Request Id: 53a9e369-172a-453a-810d-d6303f59b6d0
  • Tenant Id: 8105bc5d-cc07-4843-b37d-81d7e1187c0b
  • Url: https://prpllc.crm.dynamics.com
  • Organization Id: 31df3532-0e4d-ee11-94d0-6045bd003903
  • Unique name: unq31df35320e4dee1194d06045bd003
  • Security Group: Not set
 
 
When you click the 'Try Again' button, the SSO process goes through and take you to the Dynamics 365 site.
 
When i presented the issue to OneLogin support and sent them a SAML TRacer Log as they requested, they informed me that they found out the error is related to 'validator; but not sure how to resolve it with the Dyanmics applicaiton and I should reach out to MS support.
 
I am also attaching the SAML trace log in JSON format
Categories:
Dynamics 365 general
SAML-tracer-expor...
SAMLTracer.pdf
OneLogin-MFA-user...
I have the same question (0)
  • DAnny3211 Profile Picture
    DAnny3211 11,397 on at

    Hi there,

    Thanks for sharing the details. Based on your description and the SAML trace log feedback from OneLogin support, it seems the issue is related to SAML token validation during the SSO process between OneLogin and Dynamics 365.

    Here are a few steps you can try:

    1. Check SAML Configuration

      • Ensure that the SAML assertion includes all required claims (e.g., NameID, email, userPrincipalName).
      • Verify that the audience URI and recipient URL match the expected values in Dynamics 365.

    2. Dynamics 365 Setup

      • Confirm that the Azure AD tenant is correctly linked to your Dynamics 365 environment.
      • Check if the user exists in Dynamics 365 and is assigned the correct security roles.

    3. OneLogin Settings

      • In OneLogin, verify that the application connector for Dynamics 365 is up to date.
      • Make sure the X.509 certificate used for signing is valid and matches what Dynamics expects.

    4. Microsoft Support

      • Since OneLogin identified a validator issue, and the error persists after SSO, it’s best to open a support ticket with Microsoft and include the SAML trace log and Service Request ID for deeper investigation.

    Let me know if this helps, and please mark the response as helpful if it answered your question 😊

    Best regards!

  • Suggested answer
    Nour Abuzaid Profile Picture
    Nour Abuzaid 197 on at

    Issue: Dynamics 365 login via OneLogin SSO intermittently fails on the first attempt, showing a generic error. Retry succeeds. OneLogin support suggests a validator-related SAML issue.

    Common Cause: SAML token validation failure—often due to clock skew, token timestamps, or assertion signature issues.

    Steps to Resolve:

    1. Check system clocks: Ensure OneLogin and Dynamics 365 servers are synchronized within a few minutes (UTC).

    2. Inspect SAML logs: Look at <saml:Conditions> NotBefore / NotOnOrAfter and signature validation.

    3. Adjust assertion validity: Increase token validity slightly in OneLogin SAML settings.

    4. Clear browser sessions: Remove cached sessions or cookies.

    5. Verify certificates: Ensure OneLogin’s X.509 certificate matches the one uploaded in Dynamics 365.

    6. Microsoft Support: Provide SAML logs, timestamps, and service request ID for deeper diagnostics.


      References:

      Microsoft Docs: https://learn.microsoft.com/en-us/power-pages/security/authentication/saml2-settings-azure-ad
      OneLogin Docs: https://onelogin.service-now.com/kb_view_customer.do?sysparm_article=KB0010818
      Dynamics 365 Community: https://community.dynamics.com/forums/thread/details/?threadid=7122773b-02fd-420f-a397-28faf092d516

  • BW-15082100-0 Profile Picture
    BW-15082100-0 13 on at
    Nour,
     
    Could i get more specifics on your reply?
     
    1. Check SAML Configuration
      • Ensure that the SAML assertion includes all required claims (e.g., NameID, email, userPrincipalName).
      • Verify that the audience URI and recipient URL match the expected values in Dynamics 365.
        1. Again, how to I check this in the Dynamics 365 environment which is cloud-based and not on-prem – I am thinking via Power Platform Admin Center?  If so, not familiar with that environment
    2. Dynamics 365 Setup
      • Confirm that the Azure AD tenant is correctly linked to your Dynamics 365 environment.
      • Check if the user exists in Dynamics 365 and is assigned the correct security roles.
        1. This issue currently happens for ALL users when trying to access Dynamics 365 through the OneLogin portal
    3. OneLogin Settings
      • In OneLogin, verify that the application connector for Dynamics 365 is up to date.
      • Make sure the X.509 certificate used for signing is valid and matches what Dynamics expects.
        1. Where do I check for these as we don’t have an on-prem server but rather Dynamics 365 cloud based

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
Siv Sagar Profile Picture

Siv Sagar 93 Super User 2025 Season 2

#2
#ManoVerse Profile Picture

#ManoVerse 76

#3
Martin Dráb Profile Picture

Martin Dráb 64 Most Valuable Professional

Last 30 days Overall leaderboard

Featured topics

Identifying an Org as CDS or Dynamics
Get batch job history log from D365 FO to Power Automate
Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans