Zone Admin unable to access Edge SSO Zone Administration page from Edge UI.
The Zone Admin sees the following error while trying to access the Edge SSO Zone Administration page:
Unauthorized Request: invalid token
|Cause||Description||Troubleshooting instructions applicable for|
|Not using Edge user account||Trying to access the SSO Zone administration page while authenticated using Identity Provider (IDP).||Edge Public Cloud users|
||Edge Public Cloud users|
Cause: Not using Edge user account
- Check to see if your organization is SAML enabled and that it was done using the steps described in Enable SAML.
- If yes, then ensure that you have a valid Edge User account and the Zone Administrator role has been granted to you.
- Make sure that you aren’t logged in using SAML IDP credentials, as the SSO administration happens outside your organization.
You can’t access the Edge SSO Zone Administration page with your company single sign-on (SSO) credentials as documented in Explore the Edge SSO Zone Administration page.
Ensure that you login with Edge user account while accessing the Edge SSO Zone Administration page.
Cause: Other issues
You may not be able to access the SSO Zone Administration page after the organization has been mapped to the identity zone or the browser cache may not be cleared.
Try the steps described in Resolution and then check to see if you are able to access the SSO Zone Administration page.
- Logout from your current session.
- Navigate to the Edge SSO administration page directly by accessing the following URL
- If you are still seeing the same error, access the above URL using an incognito window.
- If you are able to login using an incognito window, you should be able to login from a regular browser window after clearing your browser cache and cookies.
- If your browser doesn’t allow incognito mode, clear the browser cache and cookies and try to access the SSO Zone Administration page again.
If the problem still persists, go to Must gather diagnostic information.
Must gather diagnostic information
If the problem persists even after following the above instructions, gather the following diagnostic information. Contact Apigee Support and share the following information with the support team:
- Generate and share the HTTP Archive (HAR) file on your browser for further analysis.
- Start recording right before you login up to the time you observe an error message on screen.
For help on how to record and download HAR files, see the following: