WS-FED User Failing Authentication at Resource Partner

Document ID : KB000101629
Last Modified Date : 15/06/2018
Issue:
WS-Fed Resource Partner is not authenticating the user, resulting in a 500 error. FWSTrace.log indicates the user is failing assertion-based authentication.
Cause:
The NameID was in email format, but the user lookup within the WS-Fed auth scheme was for UID, not email.
Resolution:
Once the user lookup was set to 'mail=%s', the user was authenticated and successfully accessed the WS-Fed target.
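
The mismatch described above, reproduced as an added example that is not from the original article or the product: it simulates an equality user lookup for the search specs 'uid=%s' and 'mail=%s' against a constructed in-memory directory. The directory entries, function names, and the RFC 4515 escaping step are assumptions made for illustration.

```python
# Added illustration: simulates the auth scheme's user lookup. Not product code.
# Constructed sample directory entries.
DIRECTORY = [
    {"dn": "uid=jdoe,ou=people,dc=example,dc=com", "uid": "jdoe", "mail": "jdoe@example.com"},
    {"dn": "uid=asmith,ou=people,dc=example,dc=com", "uid": "asmith", "mail": "asmith@example.com"},
]

# RFC 4515 escapes, so a NameID is always treated as a literal filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def render_search_spec(spec, name_id):
    """Substitute the NameID into a search spec such as 'uid=%s'."""
    return spec.replace("%s", escape_filter_value(name_id))


def lookup(spec, name_id, directory=DIRECTORY):
    """Return DNs whose lookup attribute equals the NameID (equality match only)."""
    attr = spec.partition("=")[0].strip()
    return [e["dn"] for e in directory if e.get(attr, "").lower() == name_id.lower()]


def diagnose(spec, name_id):
    """Explain the lookup outcome for one NameID / search spec pair."""
    matches = lookup(spec, name_id)
    rendered = render_search_spec(spec, name_id)
    if len(matches) == 1:
        return f"OK: {rendered} -> {matches[0]}"
    if not matches:
        hint = ""
        if "@" in name_id and not spec.lower().startswith("mail="):
            hint = " (NameID looks like an email address; lookup attribute is not mail)"
        return f"FAIL: {rendered} matched no user{hint}"
    return f"FAIL: {rendered} matched {len(matches)} users; lookup must be unique"


if __name__ == "__main__":
    name_id = "jdoe@example.com"  # constructed NameID in email format
    for spec in ("uid=%s", "mail=%s"):
        print(diagnose(spec, name_id))
```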