<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
How to Resolve the User Single Sign Out Error "FAILURE: Invalid nameID"
Sep 23, 2024
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

The Single Log out process will throw the following error when a user attempts to log out using Single Log Out:
 

FAILURE: Invalid nameID

 

Applies To
  • Single Sign On
  • Single Log Out (SLO)
  • Application assignment
Cause

This issue is caused by the different string values found in the application assignment compared to what the application expects.


The SSO will work as expected since the application may not treat the username as case-sensitive when matching the user.


However, when the single log-out is triggered, Okta will be required to match the string of the username from the app with the exact value in the application assignment


For example, for the user: "testTestingTest@tesT1".com in Okta, if the username on the app side is all lowercase, the SLO will fail.
 

Solution

The solution for this type of error is to apply a language expression for the application username format that will update the username into a lowercase string:

  1. First, review How to update the application username format with a custom expression.
  2. Then, use the following expression: String.toLowerCase(user.login).

NOTE: "user.login" can be replaced depending on the use case. 

Recommended content

Still looking for help?
Loading
How to Resolve the User Single Sign Out Error "FAILURE: Invalid nameID"