SAP Knowledge Base Article - Public

3548561 - Unable to login to SAP CPQ via SSO. Error Code: 200027, Error Message: Invalid user login

Symptom

Facing issue while logging into SAP CPQ using Single Sign On.

Error Code: 200027
Error Message: Invalid user login
Detailed Error Message: Failed to map federated user to related CPQ account.
User Identifier Attribute Source: NameId
User Identifier Value: <email ID>

Environment

SAP SALES CLOUD CPQ

Cause

The user's Federation ID in CPQ does not match the NameId value received in the SAML response, causing the login mapping to fail.

Resolution

The error message contains the terms User Identifier Attribute Source and User Identifier Value.

On the help page Federated Single Sign-On | SAP Help Portal, we can see the explanation for User Identifier Attribute Source.

As explained there, it controls which part of incoming SAML sign-on response will be used for mapping with the user in CPQ. In the error message, it is NameId node and its value is "<email ID>".

It is also explained that this is mapped to the corresponding user by FEDERATION ID or Username of the user (or Global User ID depending on the application parameter as explained on the help page).

This means that this user should have this value "<email ID>" set as the Federation ID (or Global User Id) on the User page in Setup.

This way the user will be successfully mapped.

See Also

Error Codes for Federated Single Sign-On | SAP Help Portal

Federated Single Sign-On | SAP Help Portal

Keywords

SSO, Error, CPQ, Facing, Login issue.  , KBA , CEC-SAL-CPQ , Sales Cloud CPQ , Problem

Product

SAP CPQ all versions