My Oracle Support Banner

SAML2 SSO Configuration with IDCS Failing At Authorization Layer with Debug Message "XACML Authorization isAccessAllowed(): returning DENY" (Doc ID 2981441.1)

Last updated on OCTOBER 23, 2023

Applies to:

Oracle WebLogic Server for OCI - Version and later
Information in this document applies to any platform.


After configuring SAML2 SSO with IDCS as Identity Provider, the user is unable to access the application with a 403 Forbidden Error.  After enabling Security->Atz debugs for WebLogic Server, below message can be seen in the log..



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.