So the customer (as one user) goes to the Google Classroom portal and selects our product’s icon. Google Classroom must redirect the browser to Auth0 and run our Rules, but we see no evidence of that in Auth0 logs or in the real-time debugger on the rule (this is a problem we need to fix so we can diagnose the district’s problem). The problem appears to be that the username we got from Google Classroom is different from that of the user who is doing the SSO access. In any event, the Rules cannot find the user in our product’s database (the wrong user), and fails. So our product tells the user he is not authorized to access our product.
If we had some evidence in Auth0 of the login attempt, we could confirm why the Rules returned the error that it did. Auth0 logs SSO access attempts from other districts, but not from Bakersfield (that is, with the connection name “Bakersfield” or “BakersfieldSpanish”). So we need help to know what is happening during the Bakersfield attempt to connect to our product through SSO.
If the real-time debugger on the rule logged any information that included the connection name, we could not see it in the log.