Hmm... We're having trouble logging you in.

We had a similar issue with our Jira Cloud. We use SSO via Active Directory in order to allow our internal employees/contractors to access the site using their SSO credentials.

The SAML error seemed to have occurred when the user went through a name change or some adjustment in Active Directory.

The user had a previous account to the instance of Atlassian, due to an email address change (we use email for login usernames via SSO) and what we had to do was have the user install SAML-Tracer Chrome add-on and run it when logging in to the Jira site.

We then sent this data over to the Atlassian support team and they were able to determine that there was a conflict where the unique Atlassian ID was trying to be duplicated to the newer account in order to allow SSO authentication, but the existing account (active or not) was already assigned this unique ID, and could not be duplicated, thus the Atlassian ID was not getting assigned and the SAML error would appear.

The SAML-tracer would allow the Atlassian tech to see the Atlassian ID, and then when referencing the older account, found the unique ID and determined that the old account had to be deleted so that the Atlassian ID could then be assigned to the new account.

I had to delete the old account, and the Atlassian tech had to remove it from the "recycle bin" that held on to the account for 14 days (otherwise we'd have had to wait for 2 weeks) and then when the user attempted to log in with the new account, it worked.

I think we attempted to log in to the old account and change the email info but that did not work since we use SSO and the account email was not able to be changed.

Hope this helps!

Hello @thiwankaw

Welcome to the Atlassian Community!

By the description of your error, it seems there is some misconfiguration in the SAML integration of your site.

Can you confirm if you are the site-admin of your Jira? Also, is any error returned by your identity provider?

If you are a site-admin and there are no errors returned by your identity provider, please follow the steps of this documentation to properly troubleshoot the problem:

1 - Go to your Atlassian account login screen (httops://id.atlassian.com), click Can't log in? and follow the prompts.

2 - If resetting the password doesn't help, you can troubleshoot from admin.atlassian.com. Before you began configuring SAML, you created an Atlassian account that uses an email address with an unverified domain and made that user an organization admin. Log in with that account to troubleshoot seamlessly because so that you won't have to authenticate with SAML:

1. Go to the SAML single sign-on page for your organization to fix or disable SAML sign-on for the rest of your users.

2. If you're still having trouble, delete the SAML configuration to go back to password authentication with the Atlassian account.

   P.S: If you delete the SAML configuration, you can invalidate all your users' passwords in the password policy screen, which will prompt users to go through the password reset process for an Atlassian account password.

Let us know if you have any questions.