Have you configured SAMLConfiguration_Overview to be shown some where in your application.
If yes, please take a look at the details of the error there.
The Metadata is null or empty or not configured. Probably there are some configuration issues with your Metadata.
Try to re-create the meta data in production, export the metadata and hand it over to the IDP, so they can add the meta data in their production version too. You cannot simply use the same metadata from acceptance.
IdpMetadata idpMetadata = context.getIdpMetadata();
if( idpMetadata == null )
throw new SAMLException("SAML hasn't been correctly initialize. Please restart the SAML handler.");
Have you added the startup flow appropriately?
I would also have a look at the debugging steps here: https://docs.mendix.com/appstore/modules/saml#5-debugging-the-configuration. Begin by turning the logging up to TRACE for the SAML_SSO node, and see what else is shown in your logfile. There are many things that can be configured differently between environments.
The metadata appears to be okay as far as my knowledge reaches;
For firefox there is a plugin SAML tracer. You can use that to check all the SAML traffic. And do set the lognode on your production environment to trace so you get the elaborate logs instead of the less descriptive ones. And the problem is in the SAML response. So you need to download the response to the request and inspect that one. So check the SAML requests.
Thanks all for the response.
Eventually I have found a colleague who figured out that the MyID account was set properly, but not activated.
That’s why the SAML responses where empty.