Okta Classic Engine | Authentication | Answered | 2026-02-25T09:00:25.000Z | 2023-08-09T15:28:50.000Z | 2023-10-18T15:40:44.000Z

wnyb4 (wnyb4) asked a question.

Mimecast Okta app validate identity error

We currently have 2 Mimecast Okta applications that are working correctly. One is for Admins and the other is for personal users. We've created a custom read only role within Mimecast and have created a new Okta application for this read only app to be assigned to auditors.

 

I've already worked with Mimecast support on this and we've confirmed that role, profile, and application setup on Mimecast has been properly set up. However, when I go to click on the Okta app used for this Mimecast read only with my test user that's been assigned this read only role, I receive the error message "Sorry, we're having trouble logging you in. This is because we can't validate your identity. Please tell your organization's administrator that this is likely to be caused by a SAML issue."

 

I've reviewed the SAML trace and confirmed the certificate is the correct cert that's showing on Okta and uploaded to Mimecast. I've also adjusted the Okta Sign On to use email as the application user format since this is the only format Mimecast currently supports.

 

Thanks in advance,

Taylor


  • Mihai N. (Okta, Inc.)

    Hi @wnyb4 (wnyb4), Thank you for reaching out to the Okta Community!

     

    Unfortunately, there are not enough details here to offer any on-point troubleshooting advice and the error message is too generic to offer any insight into what is going on. 

    Similar reports have been documented to have been caused by anything from misconfiguration on the Mimecast side to misconfiguration on the Okta side to improper syncing of information from AD to Mimecast.  

     

    The only thing that I can offer is to double-check that you hit the "update now" option when making changes to the application username format in Okta, as the assignment is not updated automatically if the users were already assigned when making the change. 

     

    Beyond that, please open a case to work with one of our Support Engineers that can go over the configuration with you and help get to the bottom of things. 

     

     

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

    Selected as Best
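
The two checks discussed in this thread (the NameID value the IdP actually sends, and the signing certificate compared with the one uploaded to the service provider) can be run against a captured SAMLResponse. The following is an added example, not code from the thread, Okta or Mimecast; `summarize`, `mismatches`, the sample response, the loose email pattern and the case-insensitive login comparison are all assumptions made for illustration.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def summarize(saml_response_b64):
    """Decode a captured SAMLResponse form value. Inspection only: no signature check."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    name_id = root.find(".//a:Subject/a:NameID", NS)
    cert = root.findtext(".//ds:X509Certificate", default="", namespaces=NS)
    der = base64.b64decode("".join(cert.split()))  # certificate text may be line-wrapped
    return {
        "destination": root.get("Destination"),
        "issuer": root.findtext(".//a:Issuer", namespaces=NS),
        "audience": root.findtext(".//a:Audience", namespaces=NS),
        "name_id": None if name_id is None else (name_id.text or "").strip(),
        "name_id_format": None if name_id is None else name_id.get("Format"),
        "cert_sha256": hashlib.sha256(der).hexdigest() if der else None,
    }

def mismatches(summary, sp_login, sp_cert_sha256):
    """Compare the assertion with the login and certificate held on the SP side."""
    found = []
    name_id = summary["name_id"] or ""
    if not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", name_id):
        found.append("NameID is not an email address")
    elif name_id.lower() != sp_login.lower():
        found.append("NameID does not match the SP login address")
    if summary["cert_sha256"] != sp_cert_sha256.replace(":", "").lower():
        found.append("signing certificate differs from the one uploaded to the SP")
    return found

# Constructed sample: placeholder bytes stand in for a DER certificate; all names are made up.
FAKE_DER = b"constructed-bytes-standing-in-for-a-DER-certificate"
SAMPLE_CERT_SHA256 = hashlib.sha256(FAKE_DER).hexdigest()
SAMPLE_XML = f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 Destination="https://sp.example.test/acs"><saml:Issuer>idp-constructed</saml:Issuer>
 <saml:Assertion><ds:Signature><ds:KeyInfo><ds:X509Data>
  <ds:X509Certificate>{base64.b64encode(FAKE_DER).decode()}</ds:X509Certificate>
 </ds:X509Data></ds:KeyInfo></ds:Signature>
 <saml:Subject><saml:NameID>auditor1</saml:NameID></saml:Subject>
 <saml:Conditions><saml:AudienceRestriction><saml:Audience>sp-constructed</saml:Audience>
 </saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()
```

The constructed sample still carries a bare username in the NameID, which is what an assignment looks like when the application username format was changed but existing assignments were not refreshed.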
This question is closed.