<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
SAML Single Sign On Fail for Mobicontrol Application
Nov 7, 2025
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

SAML Single Sign-On (SSO) fails for the Mobicontrol application when integrated with Entra. The following error occurs after a user is successfully authenticated with Okta and is redirected to Entra:

 

Sorry, but we're having trouble signing you in.

AADSTS901172: Invalid request. Multiple values are present for a single value claim.

 

Applies To
  • Mobicontrol
  • Microsoft Entra / Microsoft Azure
  • Microsoft 365 / Office 365 (M365 / O365) 
  • Single Sign-On (SSO)
Cause

Entra expects users to have Multi-Factor Authentication (MFA) enabled for Office 365 user authentication. This error occurs when MFA is not enforced for Office 365.

Solution

Enforce MFA for the Office 365 application hosted on Okta.

For example, the rule should have either Any 2 factor types or Password / IdP + Another factor set in the User must authenticate with setting.

Rule configuration

 

Related References

For more information about Entra MFA, please see the following Microsoft articles:

Recommended content

Still looking for help?
Loading
SAML Single Sign On Fail for Mobicontrol Application