SAP Knowledge Base Article - Preview

2615705 - Identity Authentication Service as proxy to ADFS or Entra ID (Azure AD) fails because of the Scoping tag

Symptom

Microsoft ADFS or Entra ID (Azure AD) is set as a Corporate Identity Provider to delegate authentication from an Identity Authentication tenant.

Authentication is not working on the ADFS or Entra ID (Azure AD) side and either of the following messages is seen:

The SAML authentication request element 'Scoping' is not supported.

The SAML authentication request property 'Scoping/ProxyCount' is not supported.

Encountered error during federation passive request. 
System.Xml.XmlException: MSIS0018: The SAML protocol message cannot be read because it contains data that is not valid. ---> System.UriFormatException: Invalid URI: The format of the URI could not be determined.

Sometimes unexpected behavior occurs on the Entra ID (Azure AD) side when the Scoping tag is present in the SAML request.


Environment

Identity Authentication

Product

SAP Cloud Identity Services all versions

Keywords

sci cloud identity ias AADSTS900236, KBA, BC-IAM-IDS, Identity Authentication Service, Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
