topic SSO with Azure Active Directory : Authentication failed in Administration & Architecture https://community.databricks.com/t5/administration-architecture/sso-with-azure-active-directory-authentication-failed/m-p/39445#M305 <P>I have a Databricks account with the E2 version of the Databricks platform. The unified login is not enabled on the account because it was created before June 21, 2023.</P><P>I configured SSO authentication for the account and for a given workspace (separately). Both configurations use the same identity provider at the account level and at the workspace level. The identity provider is an Azure Active Directory tenant.</P><P>The SSO account level configuration use the OpenID Connect (OIDC) protocol as it is recommended by the documentation. <A href="https://docs.databricks.com/en/administration-guide/account-settings-e2/single-sign-on/azure-ad.html" target="_blank" rel="noopener">https://docs.databricks.com/en/administration-guide/account-settings-e2/single-sign-on/azure-ad.html</A></P><P>The SSO workspace level configuration use the SAML protocol. <A href="https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/azure-ad.html" target="_blank" rel="noopener">https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/azure-ad.html</A></P><P>The <EM>Allow auto user creation </EM>and <EM>Allow IAM role entitlement auto sync</EM> features are not activated.</P><P>The <EM>SCIM provisioning</EM> feature is not activated. We want to have a successful authentication before activating it.</P><P>We followed every step of the documentation but we still receive the following error message : <STRONG>Single Sign-On authentication failed</STRONG>.</P><P>We verified every configuration values and read the <EM>Troubleshooting</EM> section of the documentation. <A href="https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/index.html#troubleshooting" target="_blank" rel="noopener">https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/index.html#troubleshooting</A></P><P>I installed the SAML Tracer extension and analysed the SAML response. I seems that it is correctly signed. You can find it inside the file attached to this message.</P><P>Any help would be really appreciated,</P> Wed, 09 Aug 2023 13:16:05 GMT fradetjulien 2023-08-09T13:16:05Z SSO with Azure Active Directory : Authentication failed https://community.databricks.com/t5/administration-architecture/sso-with-azure-active-directory-authentication-failed/m-p/39445#M305 <P>I have a Databricks account with the E2 version of the Databricks platform. The unified login is not enabled on the account because it was created before June 21, 2023.</P><P>I configured SSO authentication for the account and for a given workspace (separately). Both configurations use the same identity provider at the account level and at the workspace level. The identity provider is an Azure Active Directory tenant.</P><P>The SSO account level configuration use the OpenID Connect (OIDC) protocol as it is recommended by the documentation. <A href="https://docs.databricks.com/en/administration-guide/account-settings-e2/single-sign-on/azure-ad.html" target="_blank" rel="noopener">https://docs.databricks.com/en/administration-guide/account-settings-e2/single-sign-on/azure-ad.html</A></P><P>The SSO workspace level configuration use the SAML protocol. <A href="https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/azure-ad.html" target="_blank" rel="noopener">https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/azure-ad.html</A></P><P>The <EM>Allow auto user creation </EM>and <EM>Allow IAM role entitlement auto sync</EM> features are not activated.</P><P>The <EM>SCIM provisioning</EM> feature is not activated. We want to have a successful authentication before activating it.</P><P>We followed every step of the documentation but we still receive the following error message : <STRONG>Single Sign-On authentication failed</STRONG>.</P><P>We verified every configuration values and read the <EM>Troubleshooting</EM> section of the documentation. <A href="https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/index.html#troubleshooting" target="_blank" rel="noopener">https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/index.html#troubleshooting</A></P><P>I installed the SAML Tracer extension and analysed the SAML response. I seems that it is correctly signed. You can find it inside the file attached to this message.</P><P>Any help would be really appreciated,</P> Wed, 09 Aug 2023 13:16:05 GMT https://community.databricks.com/t5/administration-architecture/sso-with-azure-active-directory-authentication-failed/m-p/39445#M305 fradetjulien 2023-08-09T13:16:05Z Re: SSO with Azure Active Directory : Authentication failed https://community.databricks.com/t5/administration-architecture/sso-with-azure-active-directory-authentication-failed/m-p/62060#M929 <P>where you able to resolve this? we too face same error</P> Tue, 27 Feb 2024 06:37:36 GMT https://community.databricks.com/t5/administration-architecture/sso-with-azure-active-directory-authentication-failed/m-p/62060#M929 146404 2024-02-27T06:37:36Z