Hi team,
We recently planned to migrate the IDP configuration from one to another. During this migration, we did not delete the old IDP (IDP1) but added a new one (IDP2). However, when testing the new IDP (IDP2), we encountered a 401 error.
Remarks:
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
Could you please assist in resolving this issue with IDP2?
Thank you.
Discussion posts and replies are publicly visible
Did you consider to open a support case?
Install saml extension in your browser, and you will be able to compare both requests, in order to check where is the error.
Hi Seefan thank you for you responce I raise the support ticket
Hi david why i am not seen the Signature hashing Hashing Algorithm option in smal configuration is there any problem with configuration
Hi Stefan In SAML responses, the <NameID> element and the <Attribute> elements for emailaddress was different is this difference lead to 401
<NameID>
<Attribute>
emailaddress
I do not understand...... First of all, I would try to find where the error is located.. (using SAML Tools).
Hi David
The only differences between responses is only that line?
In our SAML responses, we've observed a difference between two identity providers (IdPs) in how the <NameID> and emailaddress attributes are handled:
Against which attributes do you have mapped that values? Seems that the login is being made, but you don't have permissions in the platform
DO you see any error in logs?