Symptom
During browser (login) flows, the user sees the following error:
There was an error when authenticating against the external identity provider: Invalid issuer (xxxxx.accounts.ondemand.com) for token did not match expected: https://xxxxx.accounts.ondemand.com
Prerequisites:
- An OIDC trust with an Identity Authentication (IAS) tenant has been configured using the "Establish Trust" button in the BTP Cockpit.
- The Name/Issuer of the OIDC provider has been changed in the IAS Administration Console (Application & Resources -> Tenant Settings -> OpenID Connect Configuration -> Identity Provider Settings -> Name), for example, to an issuer with or without https://.
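To confirm that this is the mismatch you are seeing, the following added example (not part of the SAP article or any SAP tool) reads the `iss` claim from a token and classifies it against the issuer the trust expects. All function names and the sample tokens are constructed for illustration, and the signature is deliberately not verified, so the code is for diagnosis only.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(obj: dict) -> str:
    """Encode a dict as an unpadded base64url JSON segment."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def token_issuer(jwt: str) -> str:
    """Return the iss claim of a compact JWT. No signature check: diagnosis only."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated segments")
    claims = json.loads(b64url_decode(parts[1]))
    if "iss" not in claims:
        raise ValueError("token has no iss claim")
    return claims["iss"]

def host_form(issuer: str) -> str:
    """Normalise for diagnosis only: drop https://, trailing slash, and case."""
    bare = issuer[8:] if issuer.lower().startswith("https://") else issuer
    return bare.rstrip("/").lower()

def diagnose_issuer(jwt: str, expected: str) -> str:
    """Classify the token's iss against the issuer stored in the trust."""
    actual = token_issuer(jwt)
    if actual == expected:  # exact string comparison, as in the error above
        return "match"
    if host_form(actual) == host_form(expected):
        return "same-host-different-form"  # e.g. https:// on one side only
    return "different-issuer"

def make_sample_token(iss: str) -> str:
    """Constructed sample token; the signature segment is a dummy."""
    return ".".join([b64url_encode({"alg": "RS256"}),
                     b64url_encode({"iss": iss, "sub": "user"}), "c2ln"])

if __name__ == "__main__":
    expected = "https://xxxxx.accounts.ondemand.com"  # from the error message
    for iss in ("xxxxx.accounts.ondemand.com", expected, "https://other.example"):
        print(iss, "->", diagnose_issuer(make_sample_token(iss), expected))
```

A result of `same-host-different-form` corresponds to the symptom above: the token comes from the same tenant, but its issuer string differs from the stored one only in form, such as the `https://` prefix.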
Environment
- SAP Business Technology Platform.
- Cloud Foundry Environment.
- Identity Authentication Service.
Product
SAP Business Technology Platform all versions
Keywords
IAS, BTP, CF, OIDC, XSUAA, KBA, BC-CP-CF-SEC-IAM, UAA, Authentication, Authorization, Trust Mgmnt, Problem
About this page
This is a preview of a SAP Knowledge Base Article. The full version is available on SAP for Me (login required).