Troubleshooting Login Issue with SOTI Connect via SOTI Identity using SSO Accounts

Unable to log into SOTI Connect via SOTI Identity using SSO accounts. When attempting to log in from SOTI Identity, the message 'Access to this application has been denied. Please contact your administrator' displays, as shown below.

The issue occurs even though the user has been assigned a role. After logging into SOTI Connect using a local user account, the user attempting to log in has been added successfully under users and permissions.

The following error is logged in the corresponding Management Service logs:

SOTI_Identity user has no roles and no default role is defined. User access denied.

HAR log shows:

"text": "{\"message\":\"Authorization has been denied for this request.\"}"

SAML Tracer log shows:

"method": "GET",
      "url": "https://scp*****.soticonnect.cloud/Connect/#/error?msg=access_denied&login=false",
      "requestId": "11950",

SOTI Connect version: 2024.1.0.7405 

The root cause is the deletion of the default admin roles from the Users and Permissions tab in the SOTI Connect console.

This action sets the 'Default Permission' in General Configurations to NULL in Global Settings. 

To resolve this issue:

1. Go to Global Settings > General> General Configurations > Default Permission.

2. If the Default permission is set to NULL, set it to "Global Administrator" or the admin role that you have in SOTI Connect.