2891275 - IAS: Sorry, but you are currently not authorized for access

Symptom

SAML 2.0 authentication when using SAP Cloud Platform Identity Authentication Service (IAS) fails and a similar error to below is recorded:

**************************************
Sorry, but you are currently not authorized for access
**************************************

Screenshot of the error:

IAS error.png

The Troubleshooting log is showing one the following error. This log is viewable only in IAS administration console.

cause=rbaRulesCheckFailure, message="Denied by RBA rules" or "Authentication error.User not found: xxx Caused by: Could not find user <e-mail> in mongo DB."

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

SAP Cloud Platform Identity Authentication Service

Product

SAP Business Technology Platform all versions ; SAP Cloud Identity Services all versions ; SAP Integrated Business Planning 1808 ; SAP Integrated Business Planning 1911

Keywords

sso single-sign-on login.failed artifact JAVA Service Provider SP Identity Provider IdP Issue Instant is not valid SAP Production ABAP R/3 ERP SRM CRM ERP PPM SEM APO XI PI PORTAL Test development QA SAML 2.0 SAML2Assertion Warning saml2.sp.ResponseValidationService SAML2Assertion Service Provider SAMLREQUEST RBA, Identity federation, guided answers, SCP, platform, authorised

, KBA , BC-IAM-IDS , Identity Authentication Service , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.