Symptom
In step 4 of configuring custom IDP in SAC by following the steps in the SAC help guide Enable a Custom SAML Identity Provider, click the Verify Account button. The following error message pops up:
- "We were not able to verify your account. Check your login credential and try again"
The below error can be seen in web browser HAR trace:
- errorDetails: [{message: "uploadIdPMetadata failed with 500 status", bUIMessage: false, bWarning: false}]
-
- 0: {message: "uploadIdPMetadata failed with 500 status", bUIMessage: false, bWarning: false}
- bUIMessage: false
- bWarning: false
- message: "uploadIdPMetadata failed with 500 status"
- message: "uploadIdPMetadata failed with 500 status"
- stack: ""
- status: 500
- 0: {message: "uploadIdPMetadata failed with 500 status", bUIMessage: false, bWarning: false}
Environment
- SAP Analytics Cloud (Enterprise)
Reproducing the Issue
- Login to SAC.
- Go to System -> Administration -> Security.
- Upload SAML IDP metadata.
- Click verify account.
- Notice that error happens.
Cause
In the IDP metadata, it id found the Subject and Issuer of certificate are set to IP Address like below:
Resolution
Configure SAML IDP certificate to have a valid CN and Issuer of a hostname instead of IP address.
Keywords
SAC, IDP, Verify Account, Custom. , KBA , LOD-ANA-AUT , SAC Authentication / Login , Problem
Product
SAP Analytics Cloud all versions
Attachments
Pasted image.png |