Symptom
The user is unable to log in via Single Sign-On (SSO). The following messages are displayed:
- The validation of message 'Response' failed.
- Error in ST program SAML2_ASSERTION when importing XML data.
- Diagnosis Signer/Recipient certificate is expired or not yet valid.
- Signature verification failed (for signer) or Envelope failed (for recipient)
Environment
SAP Business ByDesign.
Reproducing the Issue
- Log in to the tenant via the SSO URL.
- The user sees the error message "Internal Error During SAML2 Processing".
Cause
The issue is with the Identity Provider (IdP) certificate.
Resolution
Check the configuration on the IdP side thoroughly.
The certificate that the Identity Provider uses to sign the XML message (SAML Response) must be imported.
The user has to download the certificate and upload it again.
Contact your IdP vendor for support in acquiring the correct certificate that signs its assertions.
Refer to the blog: Single Sign-On (SSO) with SAP Business ByDesign
Keywords
SSO login error, internal error, certificate error, login issue, KBA, SRD-CC-SEC, Security, Problem