Users gets XML Access Denied message during portal SAML authentication of GlobalProtect App in Chromebooks

Users gets XML Access Denied message during portal SAML authentication of GlobalProtect App in Chromebooks

5132
Created On 04/24/23 23:29 PM - Last Modified 01/24/25 22:01 PM


Symptom


  • Chromebook trying to connect using GlobalProtect.
  • During authentication with Portal using SAML, Browser displays XML "Access Denied" message.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message> <<<<<<<<<
<RequestId>A10WKATFXMGH3MVB</RequestId>
<HostId>S0e8W1iVYEnqrjI0axuqaQz/uEmoYcJ3osu88fp1woQGMZJWyST2J0kEr2M4NwsFun0G5+jm4+8</HostId>
</Error>


Environment

Cause


  • The issue is with the redirection URL not invoking the application instance.
  • This leads that the deep link in broken state on the Android OS.
  • The broken link causes xml error to be displayed when trying to authenticate using the default browser.

Resolution


  1. To fix the issue, in Chromebook change the setting to "Open in GlobalProtect" to launch the application after the authentication is complete.
  2. To control whether links open within GlobalProtect or in a new browser tab within Chrome, follow the below steps.
  • At the bottom right, select the time
  • Select Settings > Apps and >Manage your apps
screenshot for setting
                      
                       screenshot for app


          3. Select an app (GlobalProtect).
          4. Under “Opening supported links,” select "Open in GlobalProtect" .

     Screenshot for open in Globalprotect
    

Additional Information


 It appears to be a known bug in Chrome 40+

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kHjzCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language