SAML SSO fails with "We couldn't log you in. This may be for a variety of reason. We suggest trying again."

Platform Notice: Data Center Only - This article only applies to Atlassian apps on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

SSO login fails with "We couldn't log you in. This may be for a variety of reason. We suggest trying again."

Environment

Single or multi node Jira DC behind a reverse proxy or load balancer.

Diagnosis

The following error is logged:

Received invalid SAML response: The response was received at <ANOTHER_URL>/plugins/servlet/samlconsumer instead of <BASE_URL>/plugins/servlet/samlconsumer

Cause

This error occurs after a change to the Jira base URL, if the same change isn't applied to the proxyName parameter in server.xml.

Solution

  • Apply the change to server.xml and restart Jira.

  • When retesting immediately after the change, make sure to be on incognito mode.

Updated on October 28, 2025
Platform
Data Center only
App
Jira Software Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community