This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 57.99999999999999%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
I am trying to add OKTA as an Identity Provider in the Entra ID.
and i keep getting this error " Authentication fails with an error stating "The requested federation realm object '< Object ID >' does not exist"
I have gone through the microsoft documentation but didn't help.
I get ISSUER URI error.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hi @Ali Mumtaz
Following up to see if the below answer was helpful. Please remember to "Accept Answer" if answer helped you. This will help us as well as others in the community who might be researching similar questions. if you have any further query do let us know.
Hi @Ali Mumtaz
If the information below has been helpful in addressing your question, please accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.If you have any further query do let us know.
Hi @Ali Mumtaz
Thank you for posting this in Microsoft Q&A.
I understand you are facing an issue where authentication fails with an error stating 'The requested federation realm object '< Object ID >' does not exist'.
This failure happens when the third-Party identity provider returns the wrong IssuerURI within the Issuer field in the Security Assertion Markup Language (SAML) response.
We have a documentation on this issue. Can you please try the below solutions: https://learn.microsoft.com/en-us/troubleshoot/azure/entra/entra-id/mfa/authentication-fails-with-error?source=recommendations
Solution 1:
Contact the support team for the third-party identity provider and have them correct the IssuerURI, returned as Issuer, in the SAML the response returned to either Microsoft Entra ID or Microsoft 365, through the client.
Solution 2:
Use the command Set-MsolDomainFederationSettings to modify the IssuerURI of the federated domain to match the realm object listed in the error.
If you still facing an error, please create a support request
Thanks,
Navya.
Hope this helps. Do let us know if you any further queries.