Hello,
I'm currently in the evaluation process trying to get SAML to work with Azure AD as the IdP. I have gotten IdP initiated SSO working but I can't get Service Provider SSO working. I'm met with the following error message:
AADSTS750161: Allowed SAML authentication request's NameIDPolicy formats are:
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
urn:oasis:names:tc:SAML:2.0:nameid-format:transient.
in looking at the SAML Trace, I am seeing mailarchiva is sending this: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified, which doesn't match one of the above. Is there anything I can change to fix this?
Thank you.