Attempting to login to K2 with ADFS results in error: "WIF10201: No valid key mapping found for securityToken"
KBS100258
PRODUCTIssue
When attempting to login to K2 with ADFS, the following error is presented:
ADFS was configured as per:
https://help.k2.com/onlinehelp/k2five/icg/5.3/default.htm#Configure/SF/MultiAuthADFS.htm
Symptoms
The likeliest cause of this error is hidden characters and/or leading/trailing white spaces.
Copying the thumbprint from the Certificate details window and deleting the in-between spaces will usually introduce this issue:
The following PowerShell can be used instead to retrieve the token signing thumbprint and will not introduce hidden characters or white spaces:
$a = Get-AdfsCertificate -CertificateType Token-Signing
$a.Thumbprint
Troubleshooting Steps
To check if your thumbprint is valid via SQL Management Studio, replace the placeholder value {NameOfYourADFSClaimIssuer} and run the following SELECT query against your K2 database:
WHERE WName] = '{NameOfYourADFSClaimIssuer}'
A datalength of 80 indicates a clean thumbprint value. A datalength greater than 80 indicates hidden characters and/or leading/trailing white space.
Alternatively, you can also export the
To resolve the issue, navigate to the issuer in the K2 Management site, use 'CTRL + A' to select all characters in the thumbprint textbox (visible or hidden) and delete the value, then manually type in the thumbprint. You can also use NotePad++ with ANSI encoding to ensure that hidden characters and spaces do not exist if copying and pasting; or the Powershell previously provided.