Symptom
Users are accessing the instance through the SSO using the SP-Initiated login URL and are getting directed to the IdP login page for them to enter credentials and then authenticate.
Environment
SAP SuccessFactors HXM Suite
Reproducing the Issue
- Enter the SP-initiated login URL in the browser (example: https://performancemanagerX.successfactors.com/login?company=XXXX or https://performancemanagerX.successfactors.com/login?company=XXXX&loginMethod=SSO);
- User is redirected to the IdP login page;
- User enters IdP credentials > user is authenticated and then redirected to the SF Homepage.
Cause
The SF URL link calls the IdP provider which is why the IdP login page appears. After entering the credentials, the IdP provider validates and matches the user in SF. If they meet the criteria, it calls upon the authentication and directs you to the SF Homepage.
Resolution
This is the expected behavior for SP-Initiated logins. You will need to enter your credentials into the IdP login page first before you can enter the SF Homepage.
Moreover, an active IdP session must be open for the SP-Initiated URL to directly log you into the SF instance.
To illustrate further, the process workflow is:
SP-initiated login URL in browser > IdP Login Page > Enter credentials > SF Home page
NOTE: If you want to bypass this, please check with your IdP provider on how to remove the IdP login page to directly log into the SF Homepage using the SP-initiated login URL.
See Also
Keywords
SP initiated login URL, SSO, behavior, IdP login page, SF home page, Successfactors URL, credentials , KBA , LOD-SF-PLT-SAM , SAML SSO First Time Setup , Problem