Students can't login to Adobe Spark

Hi Alisterblack:

They previously signed in. I set up SSO with G suite for education so my students log in with the same school credentials. It worked before and I haven't done anything different. Should I delete their accounts in the adobe admin console and start over?

Thanks

Hi,

No, I would not delete the accounts at this stage.

Looking at the logs on your console I am only seeing successful sign-ins, no errors. It may be worth checking on the Google side if your certificate has expired - Maintain SAML certificates - G Suite Admin Help

At this point you probably need to open a support ticket with us. They can ask for a SAML trace which will show the communication that is happening during the authentication process and that will indicate if the correct parameters are being passed over.

Hi:

I checked the certificate and it's current. It won't expire until Sept 4, 2023. I want to open a support ticket at this point. I was hoping to teach Spark today, but it looks like it won't happen. How long will it take for this issue to be fixed?

Thanks

Hi,

To open a support ticket go to the Support tab of your admin console. My colleagues will be able to triage your issue and give a likely timeframe for resolution.

Hi Alister:

After I clicked on the support tab, I don't see an option to open a support ticket. My options are: Manage support cases, chat with adobe customer support and request expert session. I tried the last two options last night and didn't get me anywhere. Is there a number I can call or an email?

Hi Ben,

There is a number in the top right hand corner of the support page. I'll DM it to you also.

Hi again Alister:

So this morning I used a few of my students' accounts to log into Adobe Spark from a desktop computer in the lab. I was able to log in successfully, but when I tried the same student login from my school laptop it didn't work. I keep getting the same error message "access denied". The same thing happened when I tried the student login from my home laptop. Shouldn't you be able to access Spark from anywhere? I'm having a hard time understanding why.

Any thoughts?

Ben

Hi,

Yes, you can access Spark from anywhere. The issue is with your Single Sign-On configuration (this is why Adobe ID is ok). This could be if your Assertion Consumer Service (ACS) is set to use https instead of http.

I followed the instructions on the Adobe SSO setup page word for word and didn't have issues until a couple of days ago. Is there a way you or I could check if the ACS settings are ok?

Hi Ben,

To clarify - you were able to log in via SSO from outside your network until a couple of days ago?

Can you log into services other than Spark with your Federated ID? For example, adobe.com or the Creative Cloud Desktop App? Could this have been blocked at the firewall level or by proxy, VPN or antivirus tools at the external location? Can you try with another browser, or by using an incognito browsing session? Sometimes an ISP will even block certain services or endpoints.

From the Admin Console everything seems correct and your logs show no sign-in errors.

Your ACS is set to use https - this is the setting in the Adobe Admin Console called IdP issuer.

That information comes from the Entity ID in the Google IdP Information screen.

This seems to auto-populate and I am not sure if this is something you can edit.

Hi Alister:

I'm able to log in to my own account from anywhere and from any browser. Spark is the only service that I have at this time.

The issue is when I use some of my students' accounts to log in to Spark from my laptop. I was able to log in with my students' accounts in an incognito browser. When I go back to the regular Chrome browser, the only time I can log in with my students' accounts is when I clear the cache, exit the browser, and reopen it but I find myself doing this every single time.

Hi Ben,

Okay, we are narrowing this down then.

It indicates a browser issue, maybe caused by an add-in with your browser such as a pop up blocker.

Can you install another browser such as Edge or Firefox?

Hey Alister:

So I did try with Firefox and it worked. What would I need to do to make it work in Chrome again without having to clear the cache?

I was also wondering if you could help me with another issue: After I set up SSO in G-Suite for education, I created a shortcut icon for Spark so that when students click on it, it takes them directly to the site. Instead, the oka page comes up. I'm attaching a couple of screenshots.

Hi,

Great, I am glad that works for you. For Chrome, do you have any add-ins with the browser that might be causing an issue? Is the browser up to date?

For the other issue, is the short cut simply set to the Spark page? https://spark.adobe.com/

Alister:

The add-ons I have for Chrome are: screencastify, adobe acrobat, google docs offline, okta secure authentication plug-in, adblock plus, grammarly, and G Suite training.

When I set up Spark in G-Suite for education, it was done like this:

Should I add anything in the "Start URL" field?

Thanks

Did you receive my message?

Hi Ben,

Sorry I am on a different continent to you - hence the delayed response.

The Chrome version of safe mode is incognito mode and we already know that this works ok. All you can do is remove all the add-ins and add them back one at a time until you can replicate the problem. However at this stage it is a Chrome issue. Personally I would just use a different browser.

I don't think there is an issue with your SSO setup.

Hi Alister:

No worries. If the setup is correct, then why do I get the "Okta" page after clicking on the spark icon in G-Suite? Shouldn't I be taken straight to Spark instead?

Thanks

Ok, so I guess it didn't make sense to set up a Spark icon in G-Suite.

Thank you so much for your help Alister.

Ben