SAP Knowledge Base Article - Preview

2754693 - AppToAppSSO in SAP CP NEO - HTTP Status 500 - Service Provider does not match specified audience in the SAML2Assertion

Symptom

In SAP Cloud Platform (SCP) NEO Environment you try to establish AppToAppSSO authentication between two applications. Connection fails with error appearing in the browser:

"HTTP Status 500 - An internal application error occurred"

Target Application logs show the following:

[...]
#ERROR#com.sap.core.jpaas.security.saml2.sp.loginmodule.SAML2JPaaSLoginModule
[...]
Failed to process SAML message com.sap.security.saml2.sp.sso.exception.BadCredentialsException: Service Provider does not match specified audience in the SAML2Assertion.
[...]


Read more...

Environment

  • SAP Cloud Platform NEO Environment
  • AppToAppSSO Destination configuration

Product

SAP Cloud Platform all versions

Keywords

AppToAppSSO, SAML2Assertion, Service Provider does not match specified audience, BadCredentialsException, UI5 application, OData Services, OData Service, AJAX request, HTTP Status 500, An internal application error occurred, internal application error , KBA , BC-NEO-SEC-IAM , Authentication, Authorization(Cloud Platform Neo) , BC-NEO-CON , SAP Cloud Platform Destinations and On-premise Connectivity , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.