If you run into any issues with your SAML integration, you may find the following tips helpful:
I get an error when testing my SAML integration. Why?
There should be an attribute with the "EmailAddress" name in the SAML Assertion. Smarp needs this attribute in order to identify the user that is logging in. "EmailAddress" is the exact attribute name which is expected: it is case sensitive and should not have any prefixes inside the name. Azure tends to add the 'http://schemas...' prefix to all assertion attributes by default but it should not be in the "EmailAddress" attribute. It should be displayed like this:
Any prefixes for “EmailAddress” and also other mandatory attributes must be removed on Azure's configuration side in order to successfully integrate with Smarp.
An error that might indicate that email attribute is wrongly configured or missing is this one:
If the "EmailAddress" attribute is correct and you still receive an error, please contact Smarp Support from the button below and we'd be happy to help.
I am testing the SAML Integration and Smarp is asking me to set a password. Why?
The password configuration step (and usage of password in general) is disabled for the domains where SAML SSO is enabled. When testing the SAML integration, SAML SSO it is not yet enabled on the domain. Therefore asking to set the password is the standard behavior. Once SAML SSO is enabled on your domain, users would not see this step anymore.
Our SAML integration is working but no new users have been updated to Smarp despite being added to our AD. Why is that?
Users are not automatically added to Smarp once users are correctly configured on your IdP, instead their accounts are created once they log in to Smarp for the first time. As long as users are correctly configured in your IdP, they will be able to access Smarp by clicking the 'Login with Single Sign On'-button on your company Smarp domain and create an account this way. When a user logs in the first time, you will then be able to see them in your Users-list in Smarp. Only users added to your IdP group will be able to access Smarp. For more information on how users sign in with SAML, see here.