What can cause the signature to not authenticate in an SSO embed URI?

Knowledge Drop

Last tested: Oct 19, 2020

If the signature is not authenticating, you will know by this error message:
'signature' param failed to authenticate

Likely Causes

  1. The SSO secret in the Looker instance and the SSO secret in the SSO embed script are not the same.
  2. The signature portion of the embed parameters are being concatenated in the wrong order in the URL generation script (proper order is doc'd here)
  3. There is a line break in one of the parameters that makes up the URL, which can be missed after encoding
  4. The script is modifying the signature after generating it, or failing to encode it properly (compare against our script examples).

For steps to troubleshoot, check this article.

This content is subject to limited support.                

Version history
Last update:
‎05-07-2021 09:48 AM
Updated by: