This content from the SAP Concur Community was machine translated for your convenience. SAP does not provide any guarantee regarding the correctness or completeness of this machine translated text. View original text custom.banner_survey_translated_text
Concur Mobile App updated and now does not work. Concur version 10.15.1 is not working with Apple's IOS 18 for SSO (Single Sign on users).
You can open the app
Enter your email
Click on SSO (sometimes its there sometimes not)
log in as you normally would the 1st time
then it routes you to our company's sso home page. If you click on anything you will get stuck in a loop until you restart the app
Many of our employees are experiencing this as well as people outside of my company.
In addition tried to put in a ticket, but the support website is down and have been on hold waiting for Concur IT to answer for a long while now.
edit 2024.09.30 12:47 PT
I tested Concur app on multiple users phones since I posted this. i.e. user has IOS version 17.7 (21H16) and when updated to Concur Mobile App version 10.15.1 can no longer get in either.
I spoke with IT, they said they will put in two tickets since I could not. I have yet to receive those emails and still cannot get into Support.
edit 2024.09.30 13:15 PT
Can get back into Concur support, ticket was created for Concur Mobile App issue 24266606
edit 2024.10.01 10:06 PT
update readers: I have verified with multiple iPhone users with various phones and system versions, IOS all versions work up through Concur mobile app version 10.14.0.2409031209 Even IOS Beta 18.1 (22B5054e), but as soon as you update the Concur Mobile app to any version after that it does not work.
So far with my ticket in with Concur has stated the following (i.e. major change with NO communications to Admins that I can find). I have asked for documentation of this and we are looking at our SSO now too. Will come back and update if we fix on our side.
Concur has incorporated a relaystate parameter in the authentication request. It is crucial to collaborate with your IT team to ensure that the relaystate query string parameter is permitted/enabled. They should be able to identify where relaystate is not being passed along and determine where it is being dropped.
Depending on the IdP configuration, certain customers may be set up to use the IdP-initiated endpoint (such as Ping), which may not be configured to accept relayState. As a result, a more extensive reconfiguration of their IdP is required.
Additionally, in the same scenario, clients have the option and are encouraged to transition to SAML2, which follows a proper SP-initiated SSO flow. The effort required to reconfigure the IdP and transition to SAML2 is comparable.
Solved! Go to Solution.