Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Accessing a Space in a AzureAD tenant on a mobile device will not display a logout button.

 

Session Timeout

 

Session timeouts are configured in

Frevvoproduct
and in the Azure SAML IDP.  If a user's session ends before the IDP timeout is reached, they will automatically be logged back into
Frevvoproduct
if they try to access it again. It is recommended that the
Frevvoproduct
session timeout and the IDP session timeout be configured for the same value.

 

Embedding Forms/Flows in your website

 

Embedding forms and flows into your website when using the Azure/SAML Security Manager, will work in the following scenarios :

Info

Embedding forms and flows into your website is NOT supported if the the visibility of the form is set to Public in Tenant and the user is NOT already authenticated to Azure SAML. This is because frevvo must direct the user to the IDP login screen and the browser will not allow loading the IDP login page in frevvo's form iframe.

Troubleshooting 

Skew error when logging into an Azure tenant

Users logging into a Live Forms Azure SAML tenant may encounter the error "Access Denied.  Authorization Required". Examination of the frevvo.log shows the following entry:

 

Response issue time is either too old or with date in the future, skew 60, time 2016-06-01T05:49:25.330Z
 

This error is typically caused by a clock synchronization issue between the SP (frevvo) and the Idp (Azure) or a genuine delay in the connection. If you get this error, you can change the value of the context parameter, com.frevvo.security.saml.response.skew, to specify the time in seconds allowed between the SAML request and response to a value greater than the default value of 60 seconds.

...