"No attribute was found to generate the nameIdentifier" error when trying to log into Zendesk using the SSO integrations

lihua.zhang · December 7, 2022, 1:33am

Problem Statement

When trying to log into Zendesk using the SSO integrations, users experience the error:

No attribute was found to generate the nameIdentifier. We tried with: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

Cause

The Zendesk integration tries to generate the SAML assertion’s NameIdentifier using the email address of the user profile. The issue is caused by the user not having an email address in the user profile.

Solution

Identify why your user doesn’t have an email address in their user profile. Most probably, the upstream identity provider isn’t sending an email address back to Auth0, or you haven’t configured the correct user attribute mapping on either the Identity Provider end or Auth0 end.

To fix the issue, configure the upstream identity provider to send an email address or fix the profile mapping of the related Auth0 connection.

Topic		Replies	Views
Invalid_request: No attribute was found to generate the nameIdentifier. We tried with: Help login-experience , login-prompt-new-experience	2	484	February 29, 2024
Login Error - No attribute was found to generate the nameIdentifier Help authentication , login , error	5	3228	March 4, 2021
Error using SMAL2.0 Help	4	2484	March 19, 2021
Email Attribute Is Missing from Okta SAML Login Knowledge Articles email , okta , saml2 , idp , mapping	1	1600	January 30, 2024
Missing Custom Attributes in Zendesk when Using SSO Integration Knowledge Articles zendesk , sso-integration , custom-attributes	1	97	July 9, 2024

"No attribute was found to generate the nameIdentifier" error when trying to log into Zendesk using the SSO integrations

Problem Statement

Cause

Solution

Related Topics