p_smith2
Community Novice
‎10-16-2017 02:40 AM

Account does not exist error after creation via API

We have a Canvas instance using SAML login from an external site. The external site has details for user accounts on it that need to be copied to the Canvas site on login, and we settled on a solution of directing unknown users to a URL where we run some custom code to create their account via the Canvas API.

This works fine, except that the first time the user visits Canvas after their account has been created, they receive a message to say an account for them doesn't exist. This error appears no matter how long the user is delayed before visiting the site, and an API callback confirms that their account does exist and has been created. If the user refreshes the page, they are logged in as expected.

Does anyone have any ideas what might be triggering this error?

Labels (1)
Labels
Tags (1)
0 Kudos
Reply
2 Replies
stuart_ryan
Coach Emeritus
‎10-18-2017 01:36 AM

Hi  @p_smith2  and Welcome to the Canvas Community,

That is definitely a conundrum. A few questions for you:

  1. Are there any optional/non-default parameters you are passing in the create call? Specifically I would be looking at things such as:
    1. 'user[terms of use]
    2. 'user[skip_registration]'
    3. 'pseudonym[send_confirmation]'
    4. 'pseudonym[force_self_registration]'
    5. 'pseudonym[authentication_provider_id]'
    6. 'force_validations' and 'enable_sis_reactivation'
    7. Also to clarify, you are using email address for the 'pseudonym[unique_id]' and;
    8. Are you populating a 'pseudonym[sis_user_id]'?
  2. We use Shibboleth at UTS also and I can provide what we use below. I would be curious to see if your setup is matching/different for any of the parameters:
    1. 'user[terms of use] = (not populated)
    2. 'user[skip_registration] = true'
    3. 'pseudonym[send_confirmation] = false'
    4. 'pseudonym[force_self_registration] = false'
    5. pseudonym[authentication_provider_id] = saml'
    6. 'force_validations = (not populated)' and;
    7. 'enable_sis_reactivation = true' 
  3. Have you checked out SAML debugging feature within Canvas? https://community.canvaslms.com/docs/DOC-4093-configuring-shibboleth-and-canvas-authentication#jive_...  This is extremely handy and could lead to some additional information. It tends to generate a lot of logs, so trying it out on your Test/Beta environment when you can ensure nobody else is logging in would be the best option. When we started out, we found the SAML debugging also gave handy information that assisted with configuration and testing. I would be looking to see if there is any difference between the initial failed call, and the second successful call, from either the Shibboleth side or the Canvas side. Your Shibboleth server logs could be handy here also.
  4. When we started out, setting up all our API integrations, we ran into some issues, most of which were logic issues that we struggled to interpret the error message. We contacted Support and they were able to look into the back-end error logs and provide us a much more logical generated error message with additional detail that immediately led us to discover the issue. Granted this was when the API itself generated an error, but may be relevant here also. Therefore, another option would be to reach out to them to see if they have any additional error logs that may identify the culprit. I would recommend creating a new account, trying to log in, then refreshing and note the exact time at each step so that the logs can be reviewed, also doing this in line with step 3 above could provide additional correlation. (This one was invaluable for us).

I hope that helps and gives a good starting point, curious to hear you come back and see if any of this has helped towards a resolution or with more information!

Cheers,
Stuart

Reply
stuart_ryan
Coach Emeritus
‎10-31-2017 12:37 AM

Hi  @p_smith2 ,

I thought I would check in and see if anything I raised helped you towards a resolution? If not, please let me know and I can try to help out with more info. If it did, could you please mark the question as answered.


Look forward to hearing from you.

Stuart

Reply