/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
- SSO with Corporate Identity Provider does not work.
- The SAML response sent from Identity Authentication to the Service Provider contains the status message "Failed to authenticate user".
- The IAS troubleshooting logs contains the following error:
Service Provider has received SAML2Assertion from Identity Provider [XXX] whose audience restriction [[https://<tenant id>.accounts.cloud.sap]] does not specify the current Service Provider [https://<tenant id>.accounts.ondemand.com].
Read more...
Environment
Identity Authentication Service
Product
Identity Authentication 1.0
Keywords
SAML, SSO, authentication, Identity Authentication Service, entity ID, entity name, corporate IdP, mismatch, audience restriction does not specify the current Service Provider, audience restriction, Failed to authenticate user , KBA , BC-IAM-IDS , Identity Authentication Service , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)