Symptom
- SAML 2.0 authentication when using SAP Cloud Platform Identity Authentication Service (IAS) fails and a similar error to below is recorded:
**************************************
Sorry, but you are currently not authorized for access
**************************************
Screenshot of the error:
- The Troubleshooting log is showing one the following error. This log is viewable only in IAS administration console.
cause=rbaRulesCheckFailure, message="Denied by RBA rules" or "Authentication error.User not found: xxx Caused by: Could not find user <e-mail> in mongo DB."
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
Read more...
Environment
SAP Cloud Platform Identity Authentication Service
Product
SAP Business Technology Platform all versions ; SAP Cloud Identity Services all versions ; SAP Integrated Business Planning 1808 ; SAP Integrated Business Planning 1911
Keywords
sso single-sign-on login.failed artifact JAVA Service Provider SP Identity Provider IdP Issue Instant is not valid SAP Production ABAP R/3 ERP SRM CRM ERP PPM SEM APO XI PI PORTAL Test development QA SAML 2.0 SAML2Assertion Warning saml2.sp.ResponseValidationService SAML2Assertion Service Provider SAMLREQUEST RBA, Identity federation, guided answers, SCP, platform, authorised
, KBA , BC-IAM-IDS , Identity Authentication Service , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.