/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
The authentication response sent by the Identity Authentication Service to the Application contains the message "The user [...] is not provisioned for Service Provider [...]", as can be seen in the SAML trace (see SAP KBA 2461862):
<Response ...>
<ns2:Issuer>xxxxxxx.accounts.ondemand.com</ns2:Issuer>
<Status>
<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"/>
</StatusCode>
<StatusMessage>The user [PXXXXXX] is not provisioned for Service Provider [...]</StatusMessage>
</Status>
</Response>
In the Troubleshooting log, the following error is displayed:
Identity Provider could not process the authentication request received due to error on its own side.The user [Pxxxxxx] is not provisioned for Service Provider [<sp_URL>] Caused by: javax.security.auth.login.AccountException: The user [Pxxxxxx] is not provisioned for Service Provider [<sp_URL>] Caused by: The user [Pxxxxxx] is not provisioned for Service Provider [<sp_URL>]
Read more...
Environment
Identity Authentication Service
Product
Keywords
sci, cloud identity, access, not provisioned for service provider, ias , KBA , BC-IAM-IDS , Identity Authentication Service , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)