If you're experiencing issues logging in through AD SSO in Freshservice, here are some troubleshooting steps to follow:

  1. Check if the agent is using the correct email address associated with the AD account to log in.
  2. Make sure the user profile on AD has permission to use SSO. Sometimes, users may not have access to the SSO configuration or app in the idP.
  3. Verify that the user unique identifier in the SSO configuration is mapped to the correct AD attribute. The value in the attribute should match the email in the agent profile in Freshservice. Freshservice uses the AD profile's email address as the parameter for authentication to locate their profile on Freshservice