Hi @BingBong221 ,
Thanks for your post! Normally this issue has to do with configuration on the application side. Your app registration configuration needs to match what you have configured in the application itself. Specifically, you need to compare the Client/Application ID, Reply URLs, Client Secrets/Keys, and App ID URI.
Zendesk offers a few solutions for this particular issue on their troubleshooting page:
1) Look at the Access Consumer Service (ACS) URL to see if there is a / at the end of the address. If there is, remove it.
2) This issue commonly occurs if there has been an update or change to the server's SSL Certificate. If the certificate has a new fingerprint, you need to update the existing one from your support account.
You can reach Zendesk support here.
Otherwise, there might be something configured on the app side that needs to be corrected. I would recommend studying a fiddler trace of the complete login process to find out where exactly this is wrong.
You can check the Problems signing in to SAML-based Single Sign-On configured apps guide for additional steps to diagnose the issue.
If the above steps don't work, I'll be happy to help troubleshoot.
-
If the information helped you, please accept the answer. This will help us and other community members as well.