Tagged: AuthnRequest, nameid, openam, pysaml, service provider This topic has 1 reply, 2 voices, and was last updated 5 years, 1 month ago by Rogerio Rondini. Author Posts July 23, 2016 at 11:54 am #12199 AnonymousInactive Hello, I have an OpenAM IDP and a Django application as Service provider with SAML support. I configured OpenAM as “hosted identity provider” and registered the “remote service provider” linking the respective metadata. When I try to log-in on the service provider I get correctly redirected to the OpenAM authentication, but then on the SP (based on pysaml2) I have the following error: StatusInvalidNameidPolicy at /acs/ Creation of NameID is not allowed per AuthnRequest. from urn:oasis:names:tc:SAML:2.0:status:Requester Is it an OpenAM user attributes configuration issue ? Thank you for helping fixing it! July 26, 2016 at 4:21 pm #12233 Rogerio RondiniParticipant Hi, Check the Supported NameID format in both entities. Author Posts Viewing 2 posts - 1 through 2 (of 2 total) You must be logged in to reply to this topic.