Symptom
- Fiori client fails to connect using SAML2 Native IdP (Identity Provider).
- Fiori client succeeds when using SAP IdP.
- HCPms HTTP log shows an HTTP 403 Error:
10.108.119.16 (199.76.27.101) - - [22/Feb/2016:13:43:52 +0000] GET /favicon.ico HTTP/1.1 403 134 24 mobile-xxxxxxxxxx.us1.hana.ondemand.com:443 - html5 app log shows:
2016-02-19T18:07:50,866+0000#4149787290#ERROR#Authentication failed. Reason: Service Provider does not match specified audience in the SAML2Assertion.
2016-02-19T18:09:03,915+0000#3626450359#ERROR#Authentication failed. Reason: Service Provider does not match specified audience in the SAML2Assertion.
2016-02-19T18:10:13,173+0000#1715283892#ERROR#Authentication failed. Reason: No RelayState cookie found in the request. SAML 2.0 authentication failed.
For more details on SAML2 setup see Configure Trust to the SAML Identity Provider in Reference Section below.
Read more...
Environment
Hana Cloud Platform mobile service (HCPms)
Product
SAP Mobile Platform 3.0 ; SAP Mobile Services 1.0, Neo environment
Keywords
HCPms SAML2 native IDP identity provider , KBA , MOB-CLD , Cloud Platform Mobile Services , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.