AaronJ.49797 (Customer) asked a question.
Okta with Azure AD + SAML as IdP
I am attempting to create a new SAML IdP based on an external Azure AD instance. I have followed the guide here exactly, https://help.okta.com/en/prod/Content/Topics/Provisioning/azure/azure-integrate-main.htm, but get 2 separate errors in my Okta logs when trying to test logging in with an Azure user:
- failure : Unknown Profile Attribute
- failure : Unable to transform email to username
It seems to be a problem with the attribute mappings, but I cannot determine the right combination to make things work. Can anyone help me with this issue?
When you map attributes in okta for Azure AD (as per https://help.okta.com/en/prod/Content/Topics/Provisioning/azure/azure-map-attributes.htm 13) Make sure to check that the External URL name does not have “.” at the end. cause if you directly copy and paste it will include “.” also in URL and it will give an error.
Let me know if it worked for you or not.