2926820 - E-Mail Verification is set to OFF for Application in IAS, but users can't access it without verification

In Identity Authentication Service under the Application's 'Authentication and Access' tab, the 'E-Mail Verification' is set to OFF.

However, the authentication for users is failing with an infinite loop or other error messages.

The SAML trace is showing this Status error:

<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"/></StatusCode>
<StatusMessage>The email of the user is not verified.</StatusMessage>

In the Troubleshooting log, the following error is displayed:

message=Identity Provider could not process the authentication request received due to error on its own side.com.sap.security.saml2.lib.common.exceptions.SAML2ErrorResponseException: The email of the user is not verified.

If the administrator sets a user's e-mail address to verified under 'User Management' >> 'User Details' >> 'Personal Information' in the Administration Console, the authentication becomes successful.

The issue occurs, when the registration is On Behalf Registration, which means that a user was created on behalf of it, so not via self-registration (e.g. in Administration Console, via SCIM REST API, using the Import users functionality).

SAP Cloud Platform Identity Authentication Service

IAS, E-Mail Verification, OFF, loop, verified, verify, email, e-mail, name ID attribute, nameid-format:emailAddress , KBA , BC-IAM-IDS , Identity Authentication Service , Problem