Skip to main content
AT&T Community Forums
Protect yourself online
Learn how
EMDG01's profile
EMDG01
#1 Star!

Contributor

 • 

1 Message

Wednesday, April 3rd, 2019 9:43 PM

SAML 2.0 authentication failed

I have both yahoo.com and att.com email addresses, both of which I access through my Yahoo! Mail. I had to change my password for the att.net mail today, and now every time I try to go that account using my laptop, I get this:

 

SAML 2.0 authentication failed

Error details
FBTSML215E The name identifier policy in the authentication request could not be met by this identity provider.

Stack trace

 

I can access the account on my phone.  How do I fix this issue on my laptop?

Questions

37.8K

236

0

Mz.Am.Staff

Teacher

 • 

21 Messages

5 years ago

You dont get an answer from yahoo.
 
You are forced to create the secure password thing (OAuth) which is the password you put in the 3rd party email program pop accounts - it has to be done through MyATT account - dont do it through yahoo otherwise yahoo becomes the default. The email secure password, shields your original password - the one you use to login online. 
 
If phone is pop, you will lose all the file folders so to retrieve them delete pop acct, create imap. My sbcglobal on phone is pop my att net on phone is imap. I have all folders under imap but none under sbcglobal. Give all the changes 24-48 hrs.
 
After you do all that, start.att.net or att.net. the att/ yahoo screen will pop up but the actual login parameters are att not att.yahoo. so after everything is accepted, you now land in yahoo but its not a true yahoo account like when you have a yahoo.com email. 
 
I spent 5 days attempting to log in, i copied the full att login message, saw the ssl, went to an ssl testing site, ran the start.att.net address which found the failing certificate errors at the KeyId and BaseId lines aside from the certificate expiring in may,  so i updated a bunch of ssl certificates on my laptop. I also did a web inspection thingy in chrome and found other errors
 
And the red triangle over email icon, is caused by your area code phone number. I live in or-e-gon so i chose the closest location in or-e-gon for my pacific time zone - wrong, phone number is ca, changed time zone to city location in ca and the red triangle disappeared - time zone is location of where telephone number originated.
 
I hope all this helps. I know its a pain and not right that we the customers have to upgrade our end when the company can not create the blanket protection on their end

0

0

Mz.Am.Staff

Teacher

 • 

21 Messages

5 years ago

Let me repeat this again: jumping back and forth between browsers is not the answer because that error is logged in the temp internet files as the controlling cookie, until cache is cleaned.  See answer of May 9th of this topic. Therein lies the problems and the answers. 

0

0

_xyzzy_

Expert

 • 

15K Messages

5 years ago

You are forced to create the secure password thing (OAuth) which is the password you put in the 3rd party email program pop accounts - it has to be done through MyATT account - dont do it through yahoo otherwise yahoo becomes the default. The email secure password, shields your original password - the one you use to login online.

You are not "forced", at least not yet.  But it does avoid accessing the account password which for legacy accounts has become corrupted in many cases due to the "great unmerge" fiasco.  That's the reason behind all the "change your password" suggestions to try to correct the account data.

 

And OAuth has nothing to do with the secure mail key.  They are distinct.  If an client doesn't support OAuth (2 or 1 they don't say in the doc but probably OAuth2) the secure mail key can be used instead.

 

If phone is pop, you will lose all the file folders so to retrieve them delete pop acct, create imap. My sbcglobal on phone is pop my att net on phone is imap. I have all folders under imap but none under sbcglobal. Give all the changes 24-48 hrs.

If you are currently using POP you don't not have to switch from POP to IMAP if you desire to stick with POP.  Both are supported and work fine (contrary to any att docs you might read).

 

Let me repeat this again: jumping back and forth between browsers is not the answer because that error is logged in the temp internet files as the controlling cookie, until cache is cleaned. See answer of May 9th of this topic. Therein lies the problems and the answers.

Well I guess you didn't read and understand my post 6 either!  You cannot seem to understand that the set of cookies is unique to each browser (similarly the browser cache).  There is no such thing as a "controlling cookie" that spans browsers or "internet files" (whatever that means).  A browser's entire world is contained in its "profile" (folder of all its data - each browser has it's own profile) and that's all the browser knows about.  The idea of using another browser for comparison is a troubleshooting step before you decide whether it's worth nuking the cookies in the preferred browser.  That's all it's for.

0

0

Mz.Am.Staff

Teacher

 • 

21 Messages

5 years ago

Browers have specific preferences that a user can program and that is a far as it goes - its technically not a Profile. Temp internet files are little bits of info gather from the various sites visited - i know i have used temp internet files to retreive data - and are a stored cache on your computer until deleted. Profiles are geared specificly for email and 3rd party email programs.

 

In reference to 'att docs read' Sorry, but i havent read any ATT docs that is trail and error experience with imap vs pop. Speaking directly to programming 3rd party email apps on laptop: After i created a new att.net email came in like a champ - sbcglobal didnot. Both accounts were pop. The sbcglobal acct start working after I got an OAuth.

 

I have dealt with this inability of not receiving sbcglobal email for almost the better part of a year nothing to this extreme of being denied access to my email via online logging. I had a secure OAuth on sbcglobal for a couple of months then removed it, access via 3rd party email was denied but online access was granted, then online access was denied. ATT  ***** when they shifted all the real MaBell accounts into yahoo with its aol viral programming. 

 

[Per Guidelines: Keep it Relevant and Appropriate]

 

 

0

0

Mz.Am.Staff

Teacher

 • 

21 Messages

5 years ago

I wasnt finished when my android so rudily uploaded. . . i have used and compared https:// att login line in two different browers the denial of access is and was still the same. I did however, do reading on ssl, and certification expiring. The only extremely minor differences were found under inspection and those were non-event items, like advertising banner width. 

 

And if know some handy-dandy programming work-around to bypass in user name log in is false thereby denying access, bring it on. Print the code, the registery edit, the bat or dat file. TRULY claim title of SOLVED SOLUTION. Be King for a day.  

You have your belief on cookies i have mine. You deny the existence of temp internet files, i know they exist. To both of these points WE WILL AGREE to disagree on the cookie & temp file issue because frankly, those two background programming issue are NOT a major life activity of concern. Good day enjoy your evening

0

0

_xyzzy_

Expert

 • 

15K Messages

5 years ago

@Mz.Am.Staff 

Browers have specific preferences that a user can program and that is a far as it goes - its technically not a Profile.

Completely incorrect.  PERIOD.  Some illustrations here.

 

Temp internet files are little bits of info gather from the various sites visited

Yes, those are your site cookies - AND THEY ARE STORED IN THE BROWSER'S PROFILE as I've repeated been stating.   Flash cookies are stored system wide but aren't pertinent to the problems stated here.

 

i know i have used temp internet files to retreive data - and are a stored cache on your computer until deleted.

On most OSs there is a system wide data cache and a per user cache but again they have no effect on a browser's behavior.  Even cache data is tied to the app that created it.

 

The sbcglobal acct start working after I got an OAuth.

OAuth or the secure mail key?   You couldn't have been using both unless OAuth also (now) accepts the secure mail key.

 

...when they shifted all the real MaBell accounts into yahoo with its aol viral programming.

Att is not shifting the legacy accounts to yahoo, they are unmerging them from yahoo -- or at least attempting to.  That's what's causing all these account problems.

 

...when they shifted all the real MaBell accounts into yahoo with its aol viral programming.

While the accounts are being unmerged from yahoo att still uses yahoo as their email service provider and as such unfortunately and apparently subject to their terms of service (TOS).  Since yahoo is a subsidiary of OATH (not to be confused with OAuth security), and so is AOL, att is also under OATH's TOS as well and its TOS that can be considered the most insidious given they say they are going to mine all your email for all it's worth.

 

You have your belief on cookies i have mine. You deny the existence of temp internet files, i know they exist. To both of these points WE WILL AGREE to disagree on the cookie & temp file issue because frankly, those two background programming issue are NOT a major life activity of concern. Good day enjoy your evening

I explained above cookies and caches.  Mine is not a believe, it is fact.  You care to not believe it.  Fine, so as you say, we'll agree to disagree.

 

### END OF DISCUSSION ###

0

0

ttowndc

Contributor

 • 

1 Message

5 years ago

Just set up a new email at a att.net address and received "welcome" notice upon completion. We have an older fully functional email acct.at a bellsouth.net address. When trying to access the new acct. at att.net I receive a SAML.2.0 authentication failure screen notice. What is this and what can I do to access and use the new email acct.?

0

0

ATTHelp

Community Support

 • 

231.3K Messages

5 years ago

Hello there, @ttowndc.

There is currently a known issue with email accounts receiving an SAML error when attempting to access webmail. Some users have had success downloading their mail via a mail client using IMAP, so we believe you might as well.

We are currently working towards a resolution for the SAML errors, and we appreciate your patience while we investigate.

If you have any other questions about AT&T products or services, we're always happy to help.

Alexander, AT&T Community Specialist

0

0

kelly.teninty

Tutor

 • 

4 Messages

5 years ago

SAML 2.0 authentication failed

 

Error detailsFBTSML215E The name identifier policy in the authentication request could not be met by this identity provider.

 

Stack trace



An error has occurred

 

Error details. An error occurred fulfilling the current request to https://zlp42606.vci.att.com/sps/authservice/authentication. 
This error was caused by an internal/unexpected error on the invoked protocol module leading to the exception displayed below. 
Please validate the configuration of the executing protocol and environment. 
This is not a problem with the SPS. 

 

Stack trace

0

0

SuperMario87

Employee

 • 

237 Messages

5 years ago

You can try to login to your email through https://login.yahoo.com/ and see if that works

0

0

Related Conversations

Loading...

Did this help you?

Tags

No tags available

Not finding what you're looking for?
Ask a question
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.