Symptom
You configured SSO but receive the following error;
"Error in ST program SAML2_LOGOUT_RESPONSE when importing XML data".
Environment
SAP Cloud for Customer
Reproducing the Issue
- Go to Application and User Management >> Common Tasks.
- Select 'Configure Single Sign-On'.
- From 'My System' download SP Metadata and forward it to IDP.
- Configure IDP manually.
- In C4C, upload file and activate Single Sign-On.
- Save.
- Error occurs.
Cause
The SAMLResponse coming from the Identity Provider is being sent to the Single Logout Service (SLO) from the Service Provider and not the Assertion Consumer Service (ACS).
Resolution
Modify the Identity Provider configuration to send the SAMLResponse to the ACS and not the SLO.
Example: Change the endpoint from "http(s)://<hostname>:<port>/sap/saml2/sp/slo" to "http(s)://<hostname>:<port>/sap/saml2/sp/acs".
Keywords
SAML2 logout response, import XML error, configure SSO , KBA , saml2 logout response , configure sso , LOD-CRM-SEC , Security Topics , Problem