If SSO does not function as expected, review the log file that is located at /var/log/cb/coreservices/debug.log.

You can also inspect the actual SAML requests being sent and the responses being received by increasing the logging level of the cb.flask.blueprints.api_routes_saml and saml2 modules.

To increase the logging level of cb.flask.blueprints.api_routes_saml and saml2 modules:

1. Open the /etc/cb/coreservices-logger.conf file.

2. Append cb.flask.blueprints.api_routes_saml and saml2 to the list of keys under the [loggers] section.

   [loggers] section example:

   keys=root, gunicorn.access, cb.flask.blueprints.api_routes_saml, saml2

3. Paste the following below the [loggers] section in the coreservices-logger.conf file:

   [logger_cb.flask.blueprints.api_routes_saml]

   level=DEBUG

   handlers=debug_syslog

   qualname=cb.flask.blueprints.api_routes_saml

   propagate=1

4. Paste the following below the [loggers] section in the coreservices-logger.conf file:

   [logger_saml2]

   level=DEBUG

   handlers=debug_syslog

   propagate=0

   qualname=saml2