Creation of NameID is not allowed per AuthnRequest

This topic has 1 reply, 2 voices, and was last updated 6 years ago by Rogerio Rondini.

  • Author
  • #12199

    I have an OpenAM IDP and a Django application as Service provider with SAML support.

    I configured OpenAM as “hosted identity provider” and registered the “remote service provider” linking the respective metadata.

    When I try to log-in on the service provider I get correctly redirected to the OpenAM authentication, but then on the SP (based on pysaml2) I have the following error:

    StatusInvalidNameidPolicy at /acs/
    Creation of NameID is not allowed per AuthnRequest.
    from urn:oasis:names:tc:SAML:2.0:status:Requester

    Is it an OpenAM user attributes configuration issue ?
    Thank you for helping fixing it!

     Rogerio Rondini


    Check the Supported NameID format in both entities.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?