2926820 - User Authentication failed with "The email of the user is not verified" even though E-Mail Verification is set to OFF for Application in IAS

In the IAS application's 'Authentication and Access' tab, the 'E-Mail Verification' is set to OFF.

However, the authentication for users fails with an infinite loop or someerror messages.

The SAML trace shows this error:

<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"/></StatusCode>
<StatusMessage>The email of the user is not verified.</StatusMessage>

In the Troubleshooting log, the following error is displayed:

message=Identity Provider could not process the authentication request received due to error on its own side.com.sap.security.saml2.lib.common.exceptions.SAML2ErrorResponseException: The email of the user is not verified.

If the administrator sets a user's e-mail address to verified under 'User Details' in the Administration Console, the authentication becomes successful.

The issue occurs when the registration is On Behalf Registration, which means that a user was created on behalf of it, so not via self-registration (e.g. in Administration Console, via SCIM REST API, using the Import users functionality).

Identity Authentication Services

IAS, E-Mail Verification, OFF, loop, verified, verify, email, e-mail, name ID attribute, nameid-format:emailAddress, The email of the user is not verified , KBA , BC-IAM-IDS , Identity Authentication Service , Problem