Sorry, which third-party SAMLP do you use?
I always get the error, AADSTS51004: The user account xxx does not exist in the yyy directory. To sign into this application, the account must be added to the directory.
Azure AD SAML IDP provider with relay state
We can federate a domain on AAD and configure a third party SAMLP as described here https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-saml-idp.
When doing IDP-initiated SSO to AAD, it's ignoring the relay state parameter in the SAMLResponse sent to AAD, hence the user always lands on the Office portal.
Is there a way we can set the relay state in the SAMLResponse so that the user lands on the app directly after SSO to AAD instead of landing on the portal?
If we start the flow using the user access URL of the app, then the user lands on the app directly, but that's an SP-initiated flow. We wanted to know if it's possible with an IDP-initiated flow.
1 answer
lifonghsu 31 Reputation points
2020-04-23T12:56:42.057+00:00