Creation of NameID is not allowed per AuthnRequest

This topic has 1 reply, 2 voices, and was last updated 5 years, 1 month ago by Rogerio Rondini.

  • Author
    Posts
  • #12199
     Anonymous
    Inactive

    Hello,
    I have an OpenAM IDP and a Django application as Service provider with SAML support.

    I configured OpenAM as “hosted identity provider” and registered the “remote service provider” linking the respective metadata.

    When I try to log-in on the service provider I get correctly redirected to the OpenAM authentication, but then on the SP (based on pysaml2) I have the following error:

    StatusInvalidNameidPolicy at /acs/
    Creation of NameID is not allowed per AuthnRequest.
    from urn:oasis:names:tc:SAML:2.0:status:Requester

    Is it an OpenAM user attributes configuration issue ?
    Thank you for helping fixing it!

    #12233
     Rogerio Rondini
    Participant

    Hi,

    Check the Supported NameID format in both entities.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?