SAML Configuration with Azure AD?


Brian Habermann

Aug 30, 2023, 4:40:27 PM
to MailArchiva
Hello,

I'm currently in the evaluation process trying to get SAML to work with Azure AD as the IdP. I have gotten IdP initiated SSO working but I can't get Service Provider SSO working. I'm met with the following error message:

AADSTS750161: Allowed SAML authentication request's NameIDPolicy formats are: 

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
urn:oasis:names:tc:SAML:2.0:nameid-format:transient.

In looking at the SAML Trace, I am seeing MailArchiva is sending this: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified, which doesn't match one of the above. Is there anything I can change to fix this?

Thank you.

Jamie

Sep 1, 2023, 4:42:45 AM
to MailArchiva
Brian. SAML auth is not tested against Azure. You should rather be using Azure authentication. Step G described at https://help.mailarchiva.com/office-365#mailarchivaonpremise
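
An added example, not part of the original posts and not MailArchiva code: it decodes a `SAMLRequest` value copied from a SAML trace and checks its NameIDPolicy Format against the four formats listed in the AADSTS750161 message from the first post. The function names and the sample AuthnRequest (including its ID) are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import unquote

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

# The four formats listed in the AADSTS750161 message quoted in the thread.
ALLOWED_FORMATS = {
    "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
}

def decode_saml_request(value: str) -> bytes:
    """Undo the HTTP-Redirect binding: URL-decoding, base64, raw DEFLATE."""
    raw = base64.b64decode(unquote(value))
    try:
        return zlib.decompress(raw, -15)  # -15 = raw DEFLATE, no zlib header
    except zlib.error:
        return raw  # HTTP-POST binding is base64 only, not compressed

def nameid_policy_format(xml_bytes: bytes):
    """Return the Format attribute of samlp:NameIDPolicy, or None if absent."""
    # Intended for requests captured from your own SP, not untrusted XML.
    root = ET.fromstring(xml_bytes)
    policy = root.find(f"{{{SAMLP}}}NameIDPolicy")
    return None if policy is None else policy.get("Format")

def check_request(value: str):
    """Return (format, accepted) for a captured SAMLRequest value."""
    fmt = nameid_policy_format(decode_saml_request(value))
    # NameIDPolicy and its Format are optional in SAML 2.0, so absence passes.
    return fmt, (fmt is None or fmt in ALLOWED_FORMATS)

def build_sample_request(fmt: str) -> str:
    """Constructed, minimal AuthnRequest encoded as the Redirect binding does."""
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="_constructed" Version="2.0">'
           f'<samlp:NameIDPolicy Format="{fmt}"/></samlp:AuthnRequest>')
    c = zlib.compressobj(wbits=-15)
    return base64.b64encode(c.compress(xml.encode()) + c.flush()).decode()

if __name__ == "__main__":
    sent = build_sample_request("urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified")
    print(check_request(sent))
```

The 2.0 `unspecified` URN fails the check while the 1.1 `unspecified` URN passes, which is the one-token difference behind the error in the first post.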