After launching the DocuSign SAML app from the Okta Dashboard, some users are being prompted to enter their DocuSign login information instead of being authenticated into the app. If the user tries to authenticate using their DocuSign email, then they will be redirected back and asked for the email again.
- DocuSign authentication loop
- Single Sign-On
- All Platforms
The username sent from Okta is incorrect and DocuSign cannot verify the user's identity. Instead of throwing a SAML error, DocuSign redirects to the login screen asking for credentials. Since SSO is enabled, login with credentials on the same flow is now possible and thus the user experiences a login loop.
If this is impacting all assigned users then make sure the Application username format is configured correctly to send the corresponding username for DocuSign. Once any changes are made to the username format, make sure to click Apply Now to apply the selected mapping to the assigned users.
If this impacting some users only and the username format is correct, chances are the non-impacted users are recently assigned/created. This could be due to the Update application username on option being set to create only. In order for the username format change to apply to the already assigned users as well, the option needs to be changed to create and update.
