NickH48226
Reputation: 147
Shibboleth Proxy to Azure AD Validation Error on redirect with error XML element 'RequesterID' in XML namespace 'urn:oasis:names:tc:SAML:2.0:protocol'
I configured my local shibboleth IdP to proxy authentication to Azure AD but on redirect and getting an Azure error:
AADSTS7500522: XML element 'RequesterID' in XML namespace 'urn:oasis:names:tc:SAML:2.0:protocol' in the SAML message must be a URI.
My service provider that is redirecting to Shibboleth > AzureAD uses an entity ID that is just a name and not a URL which is what shows up in my saml trace back to Azure.
<saml2p:Scoping>
<saml2p:RequesterID>EntityIDShortName</saml2p:RequesterID>
</saml2p:Scoping>
Is there a way to turn off this validation in Azure or transform / not include the requester id from shibboleth to Azure AD?
I used this document to do the configuration: https://shibboleth.atlassian.net/wiki/spaces/KB/pages/1467056889/Using+SAML+Proxying+in+the+Shibboleth+IdP+to+connect+with+Azure+AD
Thanks Nick
Upvotes: 0
Views: 1045
Answers (1)
NickH48226
Reputation: 147
Just changing the entity I had in my test provider addresses this issue.
Upvotes: 0
Related Questions
- Typescript errors not showing in VSCode editor using typescript-eslint
- Webstorm 11 check typescript files without compiling. Using webpack for compilation
- Disable ESLint for TypeScript files
- Enabling Eslint on typescript files
- Change WebStorm TSLint error lines to warning lines
- Show codelyzer errors in WebStorm
- Show project wide TypeScript problems/errors in webstorm
- In WebStorm with TypeScript, How to Debug While TS errors?
- WebStorm HTML files are showing TypeScript errors for HTML elements
- WebStorm treat TypeScript files as JavaScript