You're viewing Apigee Edge documentation.
Go to the
Apigee X documentation. info
Symptom
Zone Admin unable to access Edge SSO Zone Administration page from Edge UI.
Error message
The Zone Admin sees the following error while trying to access the Edge SSO Zone Administration page:
Unauthorized Request: invalid token
Possible causes
| Cause | Description | Troubleshooting instructions applicable for |
|---|---|---|
| Not using Edge user account | Trying to access the SSO Zone administration page while authenticated using Identity Provider (IDP). | Edge Public Cloud users |
| Other issues |
|
Edge Public Cloud users |
Cause: Not using Edge user account
Diagnosis
- Check to see if your organization is SAML enabled and that it was done using the steps described in Enable SAML.
- If yes, then ensure that you have a valid Edge User account and the Zone Administrator role has been granted to you.
- Make sure that you aren’t logged in using SAML IDP credentials, as the SSO administration happens outside your organization.
You can’t access the Edge SSO Zone Administration page with your company single sign-on (SSO) credentials as documented in Explore the Edge SSO Zone Administration page.
Resolution
Ensure that you login with Edge user account while accessing the Edge SSO Zone Administration page.
Cause: Other issues
Diagnosis
You may not be able to access the SSO Zone Administration page after the organization has been mapped to the identity zone or the browser cache may not be cleared.
Try the steps described in Resolution and then check to see if you are able to access the SSO Zone Administration page.
Resolution
- Logout from your current session.
- Navigate to the Edge SSO administration page directly by accessing the following URL
URL: https://apigee.com/sso - If you are still seeing the same error, access the above URL using an incognito window.
- If you are able to login using an incognito window, you should be able to login from a regular browser window after clearing your browser cache and cookies.
- If your browser doesn’t allow incognito mode, clear the browser cache and cookies and try to access the SSO Zone Administration page again.
If the problem still persists, go to Must gather diagnostic information.
Must gather diagnostic information
If the problem persists even after following the above instructions, gather the following diagnostic information. Contact Apigee Edge Support and share the following information with the support team:
- Generate and share the HTTP Archive (HAR) file on your browser for further analysis.
- Start recording right before you login up to the time you observe an error message on screen.
For help on how to record and download HAR files, see the following:
- Chrome browser: Save all network requests to a HAR file
- Other browsers: How to get a HAR capture