This means that the Metadata URL available in the Relying Party Trust properties is not reachable from the ADFS server.
It could be because of many reasons:
- The URL is incorrect
- The ADFS server doesn't have access to the URL (if the URL is a public site, the ADFS might not have access to the Internet)
- The URL is blocked (it is an XML document; maybe the HTTP proxy has weird rules blocking that)
- The URL uses a TLS version not supported by ADFS by default (for example, if it uses only TLS 1.2 and you have not enabled .NET strong crypto); see here: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs
In any case, the monitoring feature is a "nice to have" configuration. It doesn't mean the app doesn't work, and it doesn't mean users can't access the workload. So at the end of the day, if the ADFS server can't reach the URL for a legit reason (like you don't want to give access to the Internet in the case the URL is a public one), then you can just disable the monitoring and ask the owner of the app to notify you by email when things change on their side.
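
The checks listed above can be run from the ADFS server with a short PowerShell script. This is an added example, not part of the original answer; the relying party name in the last (commented) line is a placeholder, and the script assumes an elevated Windows PowerShell session on the ADFS server.

```powershell
# Added example: diagnose why monitored relying party metadata URLs are unreachable.
Import-Module ADFS

# .NET strong crypto flag; if absent or 0, .NET 4.x may not offer TLS 1.2 by default.
$netKey = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319'
$strong = (Get-ItemProperty -Path $netKey -Name SchUseStrongCrypto -ErrorAction SilentlyContinue).SchUseStrongCrypto
"SchUseStrongCrypto = $(if ($null -eq $strong) { 'not set' } else { $strong })"

$savedProtocol = [Net.ServicePointManager]::SecurityProtocol
try {
    $results = foreach ($rp in Get-AdfsRelyingPartyTrust |
            Where-Object { $_.MonitoringEnabled -and $_.MetadataUrl }) {
        foreach ($proto in 'Tls', 'Tls11', 'Tls12') {
            # Force one protocol at a time to see which versions the endpoint accepts.
            [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]$proto
            try {
                $resp = Invoke-WebRequest -Uri $rp.MetadataUrl -UseBasicParsing `
                    -DisableKeepAlive -TimeoutSec 15
                # A text/html content type here usually means a proxy block page,
                # not the federation metadata XML.
                $outcome = "HTTP $($resp.StatusCode), $($resp.Headers['Content-Type'])"
            } catch {
                # DNS failure, timeout, TLS handshake failure, proxy refusal, 404, ...
                $outcome = "FAILED: $($_.Exception.Message)"
            }
            [pscustomobject]@{
                RelyingParty = $rp.Name
                MetadataUrl  = $rp.MetadataUrl
                Protocol     = $proto
                Outcome      = $outcome
            }
        }
    }
} finally {
    [Net.ServicePointManager]::SecurityProtocol = $savedProtocol
}
$results | Format-Table -AutoSize -Wrap

# If the URL is intentionally unreachable, turn monitoring off for that trust
# (placeholder name; replace with the trust's display name):
# Set-AdfsRelyingPartyTrust -TargetName '<relying party name>' -MonitoringEnabled $false
```

The script runs under your own account, so its proxy settings can differ from those of the ADFS service account; a success here with the error still being logged points at the service's proxy or network path.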