SAP Knowledge Base Article - Public

3358043 - SAML error in CPQ after using new URL format

Symptom

The introduction of the new URL format has been successfully implemented, and the IDP has been configured to accommodate the changes. Despite this progress, some errors are still present in the logs, specifically related to the old URL.
Error code: 200023
Error message: SAMLResponse has invalid condition related to target audiences.
Expected Audience: [old URL]
SAMLResponse Audiences: [new tenant URL]

Environment

SAP SALES CLOUD CPQ

Cause

This error code indicates an issue with the 'Audiences' node in the SAMLResponse. It suggests that the Identity Provider failed to send the appropriate sign-on response for the SAMLRequest. The error also suggests that the configuration (IdP side) is set to the new CPQ Tenant URL, but there's a possibility that there was an attempted to log in using the old URL. 

Resolution

Note that if IdP-initiated login is being employed, it is needed to adjust certain settings on the IdP side (specifically, depending on the IdP used) or update the bookmarked URL. Further analysis would require additional information through a support ticket with CPQ team.

See Also

SAP CPQ Tenant URL - https://help.sap.com/docs/SAP_CPQ/884885f05e6b4c8082254d4d9d63f19b/09e46842d4b94c13934323651b81b395.html?version=latest 

Keywords

SAML, error, 200023, CPQ, URL, tenant, logs, IDP , KBA , CEC-SAL-CPQ , Sales Cloud CPQ , Problem

Product

SAP CPQ 2023