Question

SSO throwing error on production for first time deployed application

0

Hi Team, We are getting below error while using SSO on production mendix cloud. SAML configuration which we have done on production is same as acceptance where SSO is working fine. From SAML logs we found that requests are going properly from application to IDP but no response are coming back. Can anyone suggest what could e the reason or what can be checked to resolve this issue?

asked 2020-10-14

Amit Kumar Sharma

2 answers

Nils Klatter · Answer 1 · 2020-10-14

The error indicates that the ADFS does not recognizes the entityID in the SAML Authentication request.
So for some reason the ADFS is not configured correctly.

The entity ID is configured under the SP Configuration tab of the SAML module.
So if you changed this recently, it could be that you have the update the SP Metadata in the ADFS to make it match.

Another possibility as suggested in the error message, is that the SP metadata is loaded in the wrong azure directory/tenant or you got the IDP metadata of another tenant. So it is best to verify the directory UUID in the error message with the ADFS administrator.

Amit Kumar Sharma · Answer 2 · 2020-10-14

Hi All,

This error has been resolved after correct the Azure AD configuration. mendix production url was not added into menifist at Azure AD configuration. Once added then SSO started working.