Help debugging issue with SAML

Description

Hello! I was hoping for some help debugging an issue we have with SAML and Rocket.chat. We have successfully been using Rocket.chat with SAML (Duo DAG) for SSO for our server for several months with tremendous success. But yesterday I noticed a problem when a new user attempts to log in. When they click on the SAML Login button, they are redirected to the Duo DAG IdP. After successfully authenticating, they are redirected back to the Rocket.chat server, but they are presented again with the SAML Login button. Existing users have no issue logging in.

I enabled SAML debugging on RC, and I can see the data being returned from the IdP, which all looks correct. All the expected fields are populated with valid data. I see no obvious error, but I do see this message.

I20200206-11:24:20.155(0) Meteor ➔ method public-settings/get -> userId: null, arguments: [{}]

Now, if I go into RC and manually create the account before SAML uses it, then everything works splendidly.

If it matters, the Rocket.chat server does not have access to AD.

Any pointers on where to look?

Thank you!

Warren.

Server Setup Information

  • Version of Rocket.Chat Server: 2.4.5
  • Operating System: CentOS 7
  • Deployment Method: tar
  • Number of Running Instances: 1
  • DB Replicaset Oplog:
  • NodeJS Version:
  • MongoDB Version:
  • Proxy: nginx
  • Firewalls involved: