I want to integrate single sign-on (SSO) with Office 365. I am using the third-party IdP Gluu, and synced ADFS with the Office 365 admin panel. When I entered my email in the Office 365 login, it was correctly redirected to the Gluu sign-in page; then I entered my username and password and got the error "InvalidNameIDPolicy".
Please find the SAML request and response below:
SAML Request:
<samlp:AuthnRequest ID="_099e3e23-d100-4c9b-afb1-29d7ee1e2019"
    Version="2.0"
    IssueInstant="2018-11-22T08:32:34.061Z"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">urn:federation:MicrosoftOnline</Issuer>
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" />
</samlp:AuthnRequest>
SAML Response:
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response ID="_164f7c5ac5cf38223372c1bd44ce603f"
    InResponseTo="_5e69eec0-50a8-474c-adac-b56b76c7856e"
    IssueInstant="2018-11-22T05:11:17.888Z"
    Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
  <saml2p:Status>
    <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
      <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy" />
    </saml2p:StatusCode>
    <saml2p:StatusMessage>An error occurred.</saml2p:StatusMessage>
  </saml2p:Status>
</saml2p:Response>
I know the error is "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy".
So I just want to know whether this error comes from the ADFS side or the IdP side.
If this error comes from the ADFS side, how do I resolve this issue?
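
Added example, not part of the original post: a Python check that extracts the requested NameID format from the AuthnRequest and the nested status codes from the Response, and compares InResponseTo with the request ID. The sample XML is constructed from the two messages in the post, written as well-formed XML so that it parses; `summarize` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Sample messages constructed from the post, as well-formed XML.
AUTHN_REQUEST = """<samlp:AuthnRequest ID="_099e3e23-d100-4c9b-afb1-29d7ee1e2019"
    Version="2.0" IssueInstant="2018-11-22T08:32:34.061Z"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
  <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">urn:federation:MicrosoftOnline</Issuer>
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</samlp:AuthnRequest>"""

RESPONSE = """<saml2p:Response ID="_164f7c5ac5cf38223372c1bd44ce603f"
    InResponseTo="_5e69eec0-50a8-474c-adac-b56b76c7856e"
    IssueInstant="2018-11-22T05:11:17.888Z" Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
  <saml2p:Status>
    <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
      <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"/>
    </saml2p:StatusCode>
    <saml2p:StatusMessage>An error occurred.</saml2p:StatusMessage>
  </saml2p:Status>
</saml2p:Response>"""


def summarize(request_xml, response_xml):
    req = ET.fromstring(request_xml)
    resp = ET.fromstring(response_xml)
    policy = req.find("p:NameIDPolicy", NS)
    # Walk the nested StatusCode chain: top-level code first, then sub-codes.
    codes, node = [], resp.find("p:Status/p:StatusCode", NS)
    while node is not None:
        codes.append(node.get("Value").rsplit(":", 1)[-1])
        node = node.find("p:StatusCode", NS)
    return {
        "request_issuer": req.findtext("a:Issuer", namespaces=NS),
        "requested_format": policy.get("Format") if policy is not None else None,
        "status_chain": codes,
        "status_message": resp.findtext("p:Status/p:StatusMessage", namespaces=NS),
        # A Response should echo the ID of the AuthnRequest it answers.
        "ids_match": resp.get("InResponseTo") == req.get("ID"),
    }


if __name__ == "__main__":
    for key, value in summarize(AUTHN_REQUEST, RESPONSE).items():
        print(f"{key}: {value}")
```

The status chain sits in the Response, the message sent back by the identity provider, and the SAML 2.0 core specification defines InvalidNameIDPolicy as the responding provider being unable or unwilling to support the requested name identifier policy. The field to compare against the IdP's NameID configuration is therefore `requested_format`.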