Question

Azure IdP generates IDENTITY_PROVIDER_LOGIN_ERROR

+4

We are trying to setup SSO through Azure Entra. When the user click the new login button he’s promted to Azure for login details, so far so good.

After a successfull login through Azure (which also is clear from the Azure logs) the user is however faced with:

In IFS the Login Event Details I find entries such as :

The IAM provider is setup with Syncmode Force. In Azure the following APIs are granted to the application:

There’s no IdP attribute mappers for this IdP.

In Azure the users email and upn is the same as the directory_id in IFS.

What could possibly be incorrectly configured?

+16

Hi

What about user account definition and its directory ID? Have You set IdP Attribute mappers correctly?

Piotr --> https://www.linkedin.com/in/piotr-skowronek-8425aa6/

+15

Hi Magnus,

Is this IFS Cloud? If it is an on-premise environment, I would recommend checking the IAM pod logs for further details.

kubectl logs deployment/ifsapp-iam -c ifsapp-iam -n <ifs namespace>

Best regards -- Ben

+4

Hi,

It’s IFS Cloud, and the issue was unfortunatly that we had entered the wrong URL for user info. Now sorted and it works as expected.

KR,

/Magnus

3 replies