Error 400 during SAML authentication through ADFS


Article ID: 245698


Updated On:


Protection Engine for NAS, Cloud Workload Assurance, Cloud Workload Protection


Error 400 when using SAML-based authentication with ADFS.



Verify via a SAML trace that the URL in the SAML response uses the protocol (HTTP or HTTPS) that ADFS requires.

An issue was seen where the SAML trace showed a response URL with "http", e.g. http://<YOUR ADFS SERVER>/adfs/services/trust, while the URL that was used to register CWA included "https": https://<YOUR ADFS SERVER>/adfs/services/trust

The IDP metadata will include the URL that is required for the configuration.
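The check described above can be scripted. The following is an added example, not Broadcom's own tooling: it reads the `entityID` from ADFS metadata and the `Issuer` from a base64 `SAMLResponse` copied out of a SAML trace, then compares each with the registered URL. It assumes the URL in question is the response's `Issuer`; `adfs.example.com` and the sample XML are constructed, and the script only compares strings for troubleshooting (it does not validate signatures).

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample data; adfs.example.com is a placeholder host.
REGISTERED = "https://adfs.example.com/adfs/services/trust"
SAMPLE_METADATA = (
    '<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" '
    'entityID="http://adfs.example.com/adfs/services/trust"/>'
)
SAMPLE_RESPONSE = base64.b64encode(
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    b"<saml:Issuer>http://adfs.example.com/adfs/services/trust</saml:Issuer>"
    b"</samlp:Response>"
)

def metadata_entity_id(metadata_xml):
    """entityID attribute on the root element of the IdP metadata."""
    return ET.fromstring(metadata_xml).attrib["entityID"]

def response_issuer(saml_response_b64):
    """Issuer of a base64-encoded SAMLResponse copied from a SAML trace."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    issuer = root.find("saml:Issuer", SAML_NS)
    if issuer is None or not (issuer.text or "").strip():
        raise ValueError("SAML response has no Issuer element")
    return issuer.text.strip()

def compare_issuer(registered, observed):
    """Return 'match', 'scheme-mismatch' or 'mismatch'."""
    if registered == observed:
        return "match"
    reg, obs = urlsplit(registered), urlsplit(observed)
    same_rest = (reg.netloc.lower(), reg.path) == (obs.netloc.lower(), obs.path)
    if same_rest and reg.scheme.lower() != obs.scheme.lower():
        return "scheme-mismatch"  # the http vs https case from this article
    return "mismatch"

if __name__ == "__main__":
    for label, value in (("metadata", metadata_entity_id(SAMPLE_METADATA)),
                         ("trace", response_issuer(SAMPLE_RESPONSE))):
        print(f"{label}: {value} -> {compare_issuer(REGISTERED, value)}")
```

A `scheme-mismatch` result for both inputs means the registration, not ADFS, carries the wrong protocol and should be updated from the metadata.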

Support can verify and update the IDP registration for CWA/CWP by having the customer send in their metadata from ADFS.

If the update does not work, support can remove the existing registration, create a fresh registration and share the new ACS and entry ID with the customer so they can update ADFS.


Additional Information

Follow the SSO integration guide for Cloud Workload Assurance: CWA IDP configuration


Broadcom KB: How to gather a SAML trace.