SAP Knowledge Base Article - Public

3242886 - Saml login failed in tenant 'Tenant-ID' Azure SSO Claims has the Namespace field populated


After configuring a Signavio Workspace for SAML, and configuring Azure/Active Directory SSO Application, the following error occurs when a Signavio SSO login is attempted.

Error: Oops... the system was unable to perform the requested function Cause: Reason: An error occurred. (saml2.exception Saml login failed in tenant 'Tenant-ID'.) Request ID: eae42c2b7d8946b38c6b620b2d674cb4]]>

For the Azure SSO Claims, the Namespace field has been populated.

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.


The information provided does not imply that SAP Signavio Product Support have any expertise in setting up 3rd party identity provider (IdP) systems for customers. These are merely bits of information that were gathered over time while configuring the SAML SSO with identity providers, which may help you with a smoother setup. If you require assistance setting up your IdP system, please reach out to your consultant, partner, or specialized support.

Remove the value for the Namespace field.
As per the Signavio article: SaaS: Configuring SSO with Azure AD, the Namespace field is not required.

If this does not resolve the issue, please contact Signavio Support by logging a ticket in the Signavio Support portal.


KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To


SAP Signavio Process Manager all versions ; Signavio Process Manager all versions