The configuration is Zendesk Support with SAML SSO via ADFS.
We have run into the following issue after changing the ADFS certificate: when a user tries to authenticate, they automatically get redirected to the logout page. ADFS logs the following error:
Encountered error during federation passive request.
The SAML request contained a NameIDPolicy that was not satisfied by the issued token
Requested NameIDPolicy: AllowCreate: True Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress SPNameQualifier: . Actual NameID properties: null.
The thumbprint in the SSO config is the one of the token signing certificate configured in ADFS.
ADFS for O365 is working as intended.
If you need any additional information, please ask.