Overview:
When a user logs into CRM for iPad, an error message appears:
Authentication failed. Please contact your system administrator.
Root Cause:
This error can occur when the correct credentials are used but the Enable Third Party Authentication setting does not match the user setup.
Solution:
There are two solutions depending on whether the user is a Single Sign-On (SSO) user or not:
- If the org is not configured for Third Party Authentication and the user is not an SSO user, disable the Enable Third Party Authentication setting.
- If the org is configured for SSO, specifically Delegated Authentication with tokens, and the user is using this specific SSO to authenticate, the Enable Third Party Authentication setting needs to be enabled.
If the user is using standard Delegated Authentication without tokens, the Enable Third Party Authentication setting should not be enabled. Please find the CRM Knowledge Article below for more information regarding the Enable Third Party Authentication setting, THIRD_PARTY_AUTH_URL, and THIRD_PARTY_APPLIESTO_URL. The CRM Help documentation attached has more information about Delegated Authentication with and without tokens.
To view the Authentication Settings:
- On the iPad, click the Home Button once so that the iPad is on the home screen.
- Navigate to Settings --> Veeva CRM --> Enable Third Party Authentication.
- If SSO is not being used, the Authentication Settings can be disabled which allows the user to login with a username and password.
Related Documentation:
CRM Help Documentation:
CRM Knowledge Article: Are THIRD_PARTY_AUTH_URL and THIRD_PARTY_APPLIESTO_URL Required When Using SSO Login in CRM?