/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
- The SuccessFactors instance is SSO enabled and integrated to ADFS as Identity provider.
- Failing to Login when using SFSF instance URL (such as performancemanagerX.successfactors.eu/.com or hcmX.sapsf.eu). However, when using direct IdP URL SSO, similarily to http://sso.XXXXXX.com/adfs/ls/idpinitiatedsignon.aspx?loginToRp=https://www.successfactors.com/CCCCCC, login is successful.
- IdP ADFS 2.0 is throwing the following error: "MSIS0037: No signature verification certificate found for issuer ' www.successfactors.com'"
Environment
- SAP SuccessFactors HXM Suite
- Microsoft ADFS (Active Directory Federation Service)
Cause
SuccessFactors system is not identifying itself with the informed entityURL = www.successfactors.com when using SP-initiated SSO login
Resolution
***To implement this solution or workaround, access to the Provisioning page is necessary. Only certified Partners and Support engineers are granted Provisioning access. If you lack access, consider creating a Support case or ask your Partner to adjust your configuration***
- Go into instance's Provisioning > Single Sign-On (SSO) Settings > SAML v2 : SP-initiated login section
- Set value to "Yes" on "Send request as Company-Wide issuer"
See Also
- 2088150 - Troubleshooting Login Issues for SAP SuccessFactors HXM Suite (Main Documentation)
- 2088838 - How to Update SSO Certificates/Tokens in SuccessFactors HXM Suite (SSO-specific)
Keywords
ADFS, Azure, ADFS 2.0, Sp-initiated login, SSO SAML v2, MSIS0037, SP-initiated login, No signature verification certificate found for issuer , KBA , LOD-SF-PLT-SEL , SSO Errors & Logs , Problem
Product
SAP SuccessFactors HCM Suite 1608 ; SAP SuccessFactors HCM Suite 1611
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)