No connections enabled for the client, but SAML connection is enabled

Hello,

I have configured Auth0 as a SAML Service provider.
So I have an Application with a SAML connection enabled.
I don’t have any other connection enabled.
I’m using the ASP.NET Core: login sample app (Auth0 ASP.NET Core MVC SDK Quickstarts: Login)

When I try to login for the first time it works. Then I logout, and then I cannot login anymore, I have this error: no connections enabled for the client.

Even If I clear my browser cache or try with another browser that I never used to login on this app.

Could you help me understand why the error said that I have no connection enabled despite I have the SAML connection enabled ?

Thank you for you help

Here is the stack trace:

System.Exception: An error was encountered while handling the remote login.
—> Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: ‘invalid_request’, error_description: ‘no connections enabled for the client’, error_uri: ‘error_uri is null’.
— End of inner exception stack trace —
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

1 Like

I’m having this same issue with my new SAML connection. I can get it working by going to the SAML settings, then Login Experience, then checking “Display connection as a button”. The problem with this is I want a seamless transfer from application to my SAML SSO without the intermediate step of clicking an Auth0 button to get to the SSO. I’m even using a custom domain where the entire request chain takes place on the same root domain.

Also, if you go in Auth0 to Monitoring → Logs, you should see your error there too. Mine looks like this (with some details redacted):

{
  "date": "2021-05-21T21:08:57.032Z",
  "type": "f",
  "description": "no connections enabled for the client",
  "connection_id": "",
  "client_id": "{removed}",
  "client_name": "AFS Tools",
  "ip": "169.236.236.7",
  "user_agent": "Chrome 90.0.4430 / Mac OS X 10.15.7",
  "details": {
    "body": {},
    "qs": {
      "redirect_uri": "https://{removed}",
      "client_id": "{removed}"",
      "audience": "https://{removed}"",
      "scope": "openid profile email",
      "response_type": "code",
      "response_mode": "query",
      "state": "TlUwbnIyTnJZV2J3UUxtUC51aFdyU0JJUFVLZHNRTzRGOGdZVTZTflBLcQ==",
      "nonce": "{removed}",
      "code_challenge": "{removed}",
      "code_challenge_method": "S256",
      "auth0Client": "{removed}"
    },
    "error": {
      "message": "no connections enabled for the client",
      "oauthError": "no connections enabled for the client",
      "type": "invalid_request",
      "uri": null
    },
    "session_id": "9HcPWfgJ45w_pHQLUjOXfy2hQmzCacSt",
    "riskAssessment": null
  },
  "hostname": "{removed}",
  "audience": "{removed}",
  "scope": [
    "openid",
    "profile",
    "email"
  ],
  "auth0_client": {
    "name": "@auth0/auth0-angular",
    "version": "1.4.0"
  },
  "log_id": "90020210521210901940429323720986967569746751436739313666",
  "_id": "90020210521210901940429323720986967569746751436739313666",
  "isMobile": false
}

Hello Roger, I confirm I have the same error in the monitoring logs.

I found a workaround : disable “New” Universal Login to choose the “classic” one.

But it means that we cannot choose the New Universal Login.

@Auth0Team are you aware of this bug ? Thank you !

Thanks for reporting that will relay it to appropriate team!

Have you tried switching back again to New? For some of our customers it worked we’re still researching the root cause

I received an email from your dev support team :
To use the New universal login :
“You will have to enable the “Display connection as a button”, you can do this from your SAML connection > Login experience tab in the Dashboard.”

Then it worked.

3 Likes

Perfect! Thanks for sharing it with the rest of community!