ADFS Rejecting SAML Assertion

Article Id: 74917

Status: Published

Updated On: 27-03-2018 14:09

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On CA Single Sign-On

Issue/Introduction:

ADFS is rejecting the assertion from SM, complaining that the SPID was not passed in URI format. The SPID format is 'unspecified'.

Cause:

Regardless of the attribute format, ADFS expects the SPID to be of the https://name.sub.domain format. As Siteminder doers not have such a limitation, the customer had configured a value without 'https://' in front of it.

Environment:

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component:

Resolution:

Configure the SPID value to be URI format. It should look like a root URL: https://SPID.company.com