When imitating a SAML connection directly via Azure AD you may run into a "Sorry we cannot log you in at this time" error.

Please double check the following are both set to the value under Setup -> Admin -> Single Sign On -> Audience URI -

• Confirm that the Entity ID has the "Default" option selected this can be done by navigating to Azure AD -> Enterprise App -> SSO -> Basic SAML Configuration -> Edit.
  
  
  
  
• Confirm that the Application ID URI matches the Entity ID setup under Basic SAML Configuration - Azure AD -> App Registrations -> Expose an API -> APP ID URI - Set
  
  
  
  

If the following two fields match the Audience URI match please then contact CloudHealth Support.