Error 401 Unauthorized with OIF IdP-initiated SSO using Persistent NameID Format - Error in OIF log "SSO with SP cannot be completed: user federation does not exist"
Last updated on MARCH 08, 2017
Applies to: Oracle Identity Federation - Version 10.1.4.3.0 and later
Information in this document applies to any platform.
The requirement is to implement Identity Provider (IdP) initiated Single Sign-On (SSO) using Oracle Identity Federation (OIF) as the IdP with a third-party Service Provider (SP) application, using the Persistent NameID format.
IdP-initiated SSO is failing with error 401 Unauthorized displayed in the browser, after IdP credentials are submitted.
The request is failing at the OIF IdP /fed/user?refid=..... request, with the following underlying error in the OIF 10g log:
IdP-initiated SSO using EmailAddress NameID format is successful. The problem is specific to Persistent Name ID Format.