Access to Azure with SAML and Salesforce

0
votes

I configure on Azure AD (my IDP) the Salesforce Sandbox Application (my SP). I setup all following this tutorial: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/salesforce-tutorial

But when i try to connect using SSO i have this error:

AADSTS650056: Misconfigured application. This could be due to one of the following: the client has not listed any permissions for 'AAD Graph' in the requested permissions in the client's application registration. Or, the admin has not consented in the tenant. Or, check the application identifier in the request to ensure it matches the configured client application identifier. Or, check the certificate in the request to ensure it's valid.

I try to add inside API permissions the permission to AAD Graph but not work...

permission

UPDATE:

Now the error is:

AADSTS700016: Application with identifier 'URL SALESFORCE' was not found in the directory '29ab2178-e8d4-4b83-a2ef-f62ea37a6413'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

I need help please..

Thanks

1
azureazure-active-directorysalesforcesingle-sign-onsaml
You can follow the doc method to troubleshoot: docs.microsoft.com/en-us/troubleshoot/azure/active-directory/…Carl Zhao
i check the Issuer in Azure and in Salesforce and is the same..is not the problem..DevOps85
i just update the errorDevOps85
The documentation you're pointing at uses Enterprise app with SAML SSO but here you've configured an app registration ?Thomas
Check your client id to make sure it is correct.Carl Zhao

1 Answers

0
votes

I solve the problem. It was a wrong URL because for the Sandbox org i must put URL in that for:

https://domain.my.salesforce.com