Overview
When you sign up for Evernote Teams, you can enable single sign-on (SSO) to increase control and security over your Evernote account. After configuring your Evernote account with your Identity Provider, you may run into some errors if any steps during setup were missed or misconfigured. Below is a table with account login errors and some troubleshooting suggestions to fix them. If needed, refer to the following articles about SSO as well:
Errors
Error message | What it means | Details |
---|---|---|
SamlConsumerAction.error.authnFailed | You have entered an incorrect username and/or password. | We received a SAML response from the Identity Provider where response.status.statusCode != success. This is most likely due to incorrect login credentials. Try again with the correct credentials. |
SamlConsumerAction.error.authnFailed.tryAgain | You have entered an incorrect username and/or password. | This occurs when attempting a Service Provider-initiated login. We received a SAML response from the Identity Provider where response.status.statusCode != success. This is most likely due to incorrect login credentials. Try again with the correct credentials. |
SamlConsumerAction.error.noMatch | We are unable to identify an Evernote Teams user or pending invitation for the email address. | We could not find a user account matching the "subject" specified in the SAML Assertion received from the Identity Provider. This is typically the user’s email address if everything is set up correctly with the Identity Provider (in other words, if other users are able to use SSO successfully). However, you may also get this error if the Identity Provider was not set up correctly. For example, if the Identity Provider was configured to provide users' last name in the subject of the SAML Response instead of the email address, you may encounter this error. |
SamlConsumerAction.error.noAssertionSubject | The Assertion from your company's Identity Provider does not contain a subject. | Contact your Identity Provider, as this is issued by them in the SAML response. This document contains a generic SAML response for demonstration purposes. |
SamlConsumerAction.error.noSubjectNameID | The Assertion subject from your company's Identity Provider does not contain a NameID. | Contact your Identity Provider to debug and fix this configuration. |
SamlConsumerAction.error.noSubject | The response from your company's Identity Provider does not contain the required NameID identity. | Contact your Identity Provider to debug and fix this configuration. |
SamlConsumerAction.error.match | We encountered an unexpected error. | Contact Evernote Support. |
SamlConsumerAction.redirect.wait | Please wait... | Wait and try again. |
SamlConsumerAction.message.loggedOut | We have identified an existing Evernote Teams account. | Sign in to continue. |
SamlConsumerAction.error.unmarshall | The response from your company's Identity Provider does not appear to be well-formed. | Contact your Identity Provider to debug and fix this configuration. |
SamlConsumerAction.error.Assertion.count | Evernote requires that SAML responses contain exactly one Assertion. | Check your SAML response for more than one Assertion. Evernote requires only one Assertion with nameID or Attributes of the user after the initial authentication process. |
SamlConsumerAction.error.expired | Your session expired. | This occurs when attempting an Identity Provider-initiated login. The expiration time of the SAML Assertion received from the Identity Provider is earlier than "now" (when we are evaluating the response). Close the window and try again. |
SamlConsumerAction.error.expired.tryAgain | Your session expired. | This occurs when attempting a Service Provider-initiated login. The expiration time of the SAML Assertion received from the Identity Provider is earlier than "now" (when we are evaluating the response). Close the window and try again. |
SamlConsumerAction.error.nosig | This SAML response is not signed. | Check your SAML response to ensure that it’s signed before trying to log in again. This document contains a generic SAML response for demonstration purposes. |
SamlConsumerAction.error.sig.profile | This SAML response is not correctly signed. | Check your SAML response to ensure that it’s correctly signed before trying to log in again. This document contains a generic SAML response for demonstration purposes. |
SamlConsumerAction.error.authn.count | Evernote requires that SAML Assertions contain exactly one auth statement. | Sometimes Identity Providers can issue more than one auth statement in the SAML Response. Evernote requires exactly one. Contact your Identity Provider to debug and fix this configuration. |
SamlConsumerAction.error.wrongEmail | Authorization with your company was not successful. | This can happen if you are authenticated to your company with the wrong account, or if the email address that your company has on file does not match the team email address on file in Evernote. Contact your SSO and Evernote Teams account admin to ensure that the email address in your Identity Provider matches the email address assigned to your Evernote Teams account. |
SamlConsumerAction.error.notSso | Single sign-on has not been activated for your Evernote account. | Double check the steps you took to enable SSO in Evernote. See Configure SSO for your Evernote Teams account for SSO setup instructions. |
SamlConsumerAction.error.admin | Please relay the error message to your Evernote Teams account admin for help. | Contact your Evernote Teams account admin to make sure your account is provisioned (if not using SCIM), and that there are no other issues with your Identity Provider at this time. If the problem persists, contact Evernote Support. |
SamlConsumerAction.error.session.expiration | Evernote requires authentication statements that grant secure sessions for at least two hours. | Contact your Identity Provider to debug and fix this configuration. |
SamlConsumerAction.error.response.required | A SAML response is required. | A SAML response from your Identity Provider is required to successfully use SSO with Evernote Teams. |
SamlConsumerAction.match.error.cert | Your company's X.509 certificate appears to be invalid. | Revisit your Identity Provider’s X.509 certificate. When pasting it in Evernote’s SSO setup page, make sure you are including the BEGIN and END statements. |
SamlConsumerAction.match.error.noCert | Your company hasn't provided an X.509 certificate. | Ask your Evernote Teams account admin to add your Identity Provider’s X.509 certificate to Evernote’s SSO setup page. |
SamlConsumerAction.match.error.sig | The signature on this security Assertion didn't pass validation. | The X.509 certificate that your company has provided may be out of date. |
SamlConsumerAction.error.inlineInvitePending | Source INLINE is not permitted when a user has not joined the team. | Contact your Evernote Teams account admin to make sure you’ve been added to the team account before using SSO to login to Evernote. |
Updated