An Identity Authentication tenant returns the message in subject when an authentication request is done from a specific Service Provider. This can be checked via a SAML trace (see SAP KBA 2461862).
In case the Service Provider is an SAP BTP subaccount, 500 error on the screen can be seen.
In the Troubleshooting log, the following error is displayed:
message=Identity Provider could not process the authentication request received due to error on its own side.An unexpected exception occurred. See call stack for details. Caused by: Signature of the SAML2 protocol token cannot be validated because neither primary nor secondary certificates are available in the configuration
sci, cloud identity, btp, HTTP Status 500, An internal error occurred, Request, portal, web ide, webide, certificate, missing, invalid, configured, Identity Provider could not process the authentication request received due to client error.The digital signature of the received SAML2 message is invalid. Caused by: Signature not valid! , KBA , BC-IAM-IDS , Identity Authentication Service , BC-NEO-SEC-IAM , Authentication, Authorization(Cloud Platform Neo) , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.