SSO integration method change from Azure.
Issue: After changing the SSO integration from Azure to SAML, the error "User Login Failed 216" is thrown, but Azure AD works fine.
Resolution: On verification, the SAML configuration was found to be using user.name. However, per the documentation, the value passed in the prioritized claim is used by UiPath as a unique identifier and is used to link any existing local users (using the local user's email address) to this directory user in Azure AD.
For a smooth switch between Azure AD and SAML directory integration, it is recommended to pass in both of these claims with the appropriate user values, so set user.mail as the value of Unique User Identifier (Name ID).
Refer to the screenshot below to make the changes:
- Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator
- Browse to Identity > Applications > Enterprise applications > All applications
- Select the application, select Single sign-on in the left-hand menu, and then select Edit in the Attributes & Claims section
- Set user.mail as the value of Unique User Identifier (Name ID).
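
One way to confirm the change before retrying the login, as an added example that is not taken from the UiPath or Microsoft documentation: the script reads a decoded SAML assertion and reports whether the Name ID carries the email address used to link local users. The function names, the sample assertions, the user jane.doe@example.com and the case-insensitive comparison are assumptions made for illustration; the email claim URI is the Microsoft Entra default.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Default Microsoft Entra claim URI that carries the user's email address.
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"


def check_name_id(assertion_xml, local_emails):
    """Diagnostic only: inspects a decoded assertion, does not verify its signature."""
    root = ET.fromstring(assertion_xml)
    node = root.find(".//saml:Subject/saml:NameID", NS)
    name_id = (node.text or "").strip() if node is not None else ""
    email = ""
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        if attr.get("Name") == EMAIL_CLAIM:
            value = attr.find("saml:AttributeValue", NS)
            email = (value.text or "").strip() if value is not None else ""
    # Assumption: email matching is case-insensitive.
    known = {e.lower() for e in local_emails}
    return {
        "name_id": name_id,
        "email_claim": email,
        "name_id_is_email_claim": bool(name_id) and name_id.lower() == email.lower(),
        "links_to_local_user": name_id.lower() in known,
    }


def sample_assertion(name_id):
    """Constructed sample assertion for a made-up user, not captured traffic."""
    return f"""<saml:Assertion xmlns:saml="{NS['saml']}">
  <saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="{EMAIL_CLAIM}">
      <saml:AttributeValue>jane.doe@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


LOCAL_USERS = {"Jane.Doe@example.com"}  # constructed local user list

if __name__ == "__main__":
    for label, value in [("before (name)", "Jane Doe"), ("after (user.mail)", "jane.doe@example.com")]:
        print(label, check_name_id(sample_assertion(value), LOCAL_USERS))
```

To run it against a real login, paste the base64-decoded SAMLResponse captured from your own browser session in place of the sample assertion.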