User received the invite from the portfolio manager but logged in using another email id. User is not able to access any Highlight resources but can see the message Successful login. You dont have a role associated to your user account yet. Please contact your Portfolio Manager. This screen appears when no roles are defined for the login.
Details
This may happen, if the instance is configured with "Autopopulate:true" at COMPANIES > SAML Management. User account is then created automatically with the email address the user attempted to log in which then becomes the one associated to the user in the IdP and becomes an activated (saml) user in Highlight. User may be able to login to Highlight but may not be able to access any Highlight resources. For more details please refer CAST Highlight SAML/SSO Integration with Identity Providers (IdP)
Since it is not the SAML invite sent by the portfolio manager to the user, the user has accessed, the user's status in Highlight will still show as invited and the user may not be able to access the resources allocated for the particular role the invite was sent.
In this scenario it is suggested to remove the user account which has the invited (saml) status at MANAGE PORTFOLIO > Users & Apps and edit and add the appropriate role to the activated (saml) user. Since the user status is invited, there are no results attached with the account, so the invite can be deleted without any risks.
Additional Resources
CAST Highlight Troubleshooting Guides
CAST Highlight Product Documentation
Ticket
47791, 38681, 45164
Comments