Maximo

Maximo

Come for answers, stay for best practices. All we're missing is you.

 View Only

  • 1.  Authentication failed for Maximo Mobile for EAM version 9 with SSO

    Posted 2 days ago

    Hi All,

    We have upgraded from Mobile 8.10 to Mobile 9 to satisfy the authentication flow to pass through the web browser rather than the native application in-app browser like it does on Mobile for EAM 8.10.

    We have SSO enabled and applied conditional access policy on the Azure App. Also configured useSystemBrowserLogin=True in MDM configuration properties for Android and ios.

    But it seems useSystemBrowserLogin=True works only with Maximo Mobile (MAS app) and not applicable for Maximo Mobile for EAM app. Also, EAM app can't send the Device ID as part of device response and thus conditional access policy needs to be built without using Device ID. Here we have confirmed with Azure team on Conditional access policy that it's not possible to exclude device id from the policy as ENTRA will validate login attempt as "success" only by using the device id. 

    When we set useSystemBrowserLogin=True property in MDM, app is capturing DEVICEID in Azure sign in logs but the Mobile App is not showing login successful due to "Authentication Failed" error.

    Has anyone faced this issue with Maximo 7.6.1.3 and Maximo Mobile for EAM 9.0.

    Appreciate your valuable inputs.

    Thanks.



    ------------------------------
    Bincy Jose
    ------------------------------


  • 2.  RE: Authentication failed for Maximo Mobile for EAM version 9 with SSO

    Posted yesterday

    We are also having similar issue and Mobile 8.x EAM authentication failed with access denied. Case opened with IBM for longest time yet no solution. 



    ------------------------------
    Jignesh Shah
    ------------------------------

    Original Message


  • 3.  RE: Authentication failed for Maximo Mobile for EAM version 9 with SSO

    Posted 22 hours ago
    Edited by Larry van Elewoud 22 hours ago

    Hi Bincy, are you being redirected to the login page of the identity service provider? And is Maximo open to the internet or is it behind a proxy?

    We have 2 customers using Entra (1 on iOS and 1 on Android). Both working successfully with sending device id. Both on Maximo EAM 7.6.1.3. This is only possible as from version 9.0. So the upgrade has been a good idea. On Android you should also set enable browser access in Microsoft Authenticator (settings -> Device registration -> <your company> -> Enable Browser access -> continue and accept certificate)

    For SAML to work on mobile, the maximo property "mxe.useSAML" should be set to one (to have the redirect to the login page specified in your SAML configuration). In some situations ldapisform also needs to be set to 1 if I'm correct.

    Make sure you are member of the applicable AD groups. And if behind a proxy, the proxy should be set to pass through (as pre-authentication won't work)

    Hope this will help you out a bit.

    Cheers,

    Larry



    ------------------------------
    Larry van Elewoud
    Technical Engineer
    Gemba Service B.V.
    Netherlands
    ------------------------------

    Original Message


Related Content