This article describes the process to resolve the error mentioned below, which occurs when a specific user is unable to log in:
SAML external identity '<username>' already exists for user '<numerical userid>'.
You may encounter this error when you have recently changed the external identifier in Azure AD or other SAML-SSO settings.
In the log files, the following additional errors are displayed:
User <username> not found in external identity table
There was an error during SAML authentication
The error indicates that Jive cannot match the existing external identity, stored inside Jive, with the one coming from SAML. The solution is to reset the External Identity for this user.
- Navigate to Jive Admin Console > People Search.
- Delete the affected user by clicking the little red X in the External Identity section.
If you remove the entry for a user from the table, it will automatically be generated on the next user login.
If it still does not work, you may need to:
- Navigate to Admin Console > People > Settings > Single Sign-On > SAML > User Attribute Mapping
- Check the checkbox “Override with Assertion Attribute” and set the external identity to the field that you want to use (e.g. username).
At the next login, the user should be able to log into the instance again. If not, please open a ticket in the Jive Support Portal.