AADSTS750054 SAMLRequest or SAML Response must be present as query string parameters on Modern Logout
search cancel

AADSTS750054 SAMLRequest or SAML Response must be present as query string parameters on Modern Logout

book

Article ID: 251866

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

You have followed the broadcom documents and  configured the SAML 2.0 in clarity. However, you are seeing below error when  you try to logout from the clarity Modern UI. You are using Microsoft AD as IDP.

AADSTS750054 SAMLRequest or SAML Response must be present as query string parameters

Environment

Release : 15.9.2, 15.9.3

Resolution

Check the value of the Logout URL in the NSA.

 <sso tokenName="AUTH_TOKEN" tokenType="header" logoutURL="http://www.broadcom.com" errorURL="http://www.broadcom.com" keyHash=""/>

Set it to a static web site or intranet site and not a SAML logout page with your IDP.

If it still does not redirect to the new Logout URL, check the value of the "IDP_SLO_SER_URL" column in the "CMN_SEC_SAML_CONFIGS" table.

Confirm this is set to the correct Logout URL.  

If not, you can update the column using an Update statement against the clarity database.

For example:

UPDATE CMN_SEC_SAML_CONFIGS SET IDP_SLO_SER_URL = 'http://yourStaticSite';

 

Restart the Clarity "app" services after.