Partnership not working when SPID contains "&" chars
search cancel

Partnership not working when SPID contains "&" chars


Article ID: 35389


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



When Configuring Partnership and especially with EntityID(IDPID and SPID), you can use URL as per documentation but if you are using special chars like "&" it is failing.

For example, configuring SPID with format like : is failing.

Indeed the Federation services fails to retreive the Servide Provider ID until


Any Siteminder AdminUI environment : 12.5 / 12.51 / 12.52 / 12.52 SP1 when configuring entitied for partnerships

Any SecureCloud environment : 1.5x



Component: SMAUI



You can not use the "&" in the SPID as it is a special char part of a query string like "?"

Because the ampersand character in the EntityID query string will be recognized as a separate query parameter.

The below Reference URL is more appropriate, which states

•    An entity ID: 1) MUST be a URI, 2) SHOULD be an absolute URL, and 3) SHOULD NOT be a URN
•    The entity ID MUST be globally unique to avoid name collisions both within the Federation and across federations
•    If the entity ID is a URL (which is strongly RECOMMENDED), then:
o    the host part of the URL MUST be a name rooted in the organization's Primary DNS Domain
o    the URL MUST NOT contain a port number, a query string, or a fragment identifier

Recommended EntityID would be :


Invalid EntityID would be :