SSO/SAML login fails with "Received invalid SAML response: Timing issues (please check your clock settings)"

Cross Product Knowledge

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform Notice: Server and Data Center Only - This article only applies to Atlassian products on the server and data center platforms.

  

 

Summary

Users are unable to login via SSO. 

Diagnosis

The application logs show:

2021-05-31 09:42:54,405+0200 http-nio-8080-exec-18 ERROR anonymous 582x862402x1 ci3y7s 172.26.82.75,172.26.10.3 /plugins/servlet/samlconsumer [c.a.p.a.i.web.filter.Erro
rHandlingFilter] Received invalid SAML response: Timing issues (please check your clock settings)
com.atlassian.plugins.authentication.impl.web.saml.provider.InvalidSamlResponse: Received invalid SAML response: Timing issues (please check your clock settings)


Cause

The error is self-explanatory and points to clock synchronization issues between the IdP and the SP (the Atlassian product). 

Solution

  • If logins to multiple SPs are impacted the issue most likely lies with the clock of the IdP server.
  • If only logins to the Atlassian product are failing, the clock needs to be fixed on the product server. 
  • System clocks are usually kept in sync via NTP (Network Time Protocol). Infrastructure admins need to make NTP is syncing and the time delta is negligible. 


Last modified on Jun 1, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.