search cancel

The requesting Service Provider ID "https://myHost.myDomain.Com/myApp" is not supported by the IDP!


Article ID: 207065


Updated On:





We're tunning Policy Server as IdP and when there's a specific request
as IdP initiated, the Federation transaction ends with this error :

smps.log :

  [9153/139742867879680][Mon Jan 18 2021
  preProcess() returns fatal error.

  <Response ID="_362784d58b031be513f02665f664b3194b0b" InResponseTo="_04902f8d-6e9c-4daf-a9eb-f1ddb71532de" IssueInstant="2021-01-18T16:56:40Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
      <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">myNameID</ns1:Issuer>
   <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
       <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal"/>
   <StatusMessage>The requesting Service Provider ID "https://myHost.myDomain.Com/myApp" is not supported by the IDP!</StatusMessage>

How can we fix this ?




At first glance, this error might show up if the Policy Server isn't
able to find the Service Provider ID in its configuration. That may be
due to several causes as problem with the data, etc. Mainly the Policy
Server tries to find the requested SP by its name or by its OID and it
doesn't find it.




The EntityID value is case sensitive, and as such, setting it with the
exact syntax solved this issue.

The EntityID had value :

Setting it to : https://myHost.myDomain.Com/myApp solved the issue.