SSO FAQ

Below are some of the most frequently asked questions about SSO and their answers.

What is the SSO response URL?

The SSO response URL is a general way of asking for the platform URL. You may call it by the platform name, such as Okta, AzureAD, Pind Fedra, or ADFS.  

What does the “Invalid SAML response received: PreSignUp failed with error Unable to automatically create SSO-enabled account. Confirm SSO details have been configured for user” error mean? How do users get permissions? 

This error indicates that the user entered into the log-in fields is not a user in Built. The user may be provisioned in your system; however, they must be added to Built to complete the process and successfully log in as that user. To add the user, the Lender Admin for your institution can [add a user], or you can contact your Client Success Manager or Implementations Manager and have them add the contact for you. This error applies to our Draw (CLA) and Deal Management solutions.       

What does the “Invalid SAML response received: PreSignUp failed with error {“errors”: [“Missing email address”]}” error mean? 

This error indicates that we haven’t received an email address attribute for this login or the email address doesn’t match what we have on file. Since these attribute records have to match exactly, we advise not using the email address as the name attribute. Enter the email address again and confirm it’s correct. If you receive the same error, contact your Implementations Manager and provide the email and name attributes for them to update.       

What does the “Invalid Email Address: Your account is not set up for single sign on. Please contact your IT administrator for more information” error mean?

This error indicates that your Org ID has already been set up, which means you can’t use your email address to log in anymore. Instead, enter your Organization ID in the field below to log in.

Can Built auto-provision users? 

Not at this time. Auto-provisioning entails custom coding for each client. Our current process enables us to get our clients up and running as fast as possible while we continue to develop.

What is an Org ID or Organization ID? What should I put for it when logging in?

An Org ID is a security measure that redirects users from your lending institution to your login screen for Built. Your organization’s Built sponsor, typically the person who has Lender Admin access for your institution, set up the Org ID with Built during your implementation. Please reach out to them to obtain the correct information. 

How should I send my SAML 2.0 metadata? URL or XML file?

Either option is fine, but we prefer you send us a URL. The URL information updates automatically if there are any changes. Sending us the URL means that we can get that information ourselves rather than have you send us an updated file.

Can I use IDP-initiated auth?

At this time, we only support SP-initiated auth. Anything using IDP initiated auth, even if it is just a part like the test button in OKTA, isn’t supported at this time.