×![]()
×
×![]()
×
×
SAML Authentication Error Codes
Last Updated On 22 Aug 2025 |
10 minutes read |
Problem
You are trying to login to Endpoint Central through SAML Authentication and you are unable to do so.
Cause
There may be multiple reasons pertaining to this problem. Corresponding to the error code, find the resolution as given below.
Resolution
You are required to identify the cause for your problem from the table with the help of Error Code and follow the corresponding resolution.
| Error Code | Reason | Resolution |
|---|---|---|
| 2 | There may be some parameters missing, such as, SP Entity ID, ACS URL, Certificate, etc., while configuring SAML Authentication settings in either Service Provider or Identity Provider. | Reconfigure IdP settings in SAML Configuration page of Endpoint Central. Restart Endpoint Central. |
| 8 | SAML response is not received from IdP. | Endpoint Central supports only POST Binding method. Ensure that the IdP follows POST Binding method. |
| 13 | Invalid response format. The SAML response received from IDP is not in the expected format. | Configure the SAML Authentication settings in IdP. |
| 16 | Unsupported SAML version. | Endpoint Central only supports SAML 2.0. Ensure that the IdP supports SAML 2.0 standard. |
| 17 | The ID is missing. An ID should be present in the SAML response from IdP to uniquely identify the response. If the ID is missing, then Endpoint Central will not process the request further. | Contact the IdP and reconfigure the SAML Authentication Settings in IdP. |
| 18,19 | The Status Code element in SAML Response from the IdP is missing. So, Endpoint Central will not process the request further. | Contact the IdP and reconfigure the SAML Authentication Settings in IdP. |
| 20 | The Status Value in the SAML Response is empty. Endpoint Central will not process the request further. | Contact the IdP and reconfigure the SAML Authentication Settings in IdP. |
| 21 | The response from the IdP is incorrect. | Check the event log in IdP for the root cause. Mostly, reconfiguring IdP and SP should resolve the issue. |
| 22 | The SP's request is incorrect. | There may be a problem in the Service Provider while requesting the IdP. Reconfigure IdP details in Service Provider and try again. |
| 23 | Unable to process the Status Code received. | There may be multiple reasons for this issue- Authentication failure in IdP or Time mismatch between IdP Server and SP Server. Mostly, reconfigure the IdP and SP details in both IdP and SP should solve the issue. |
| 24 | Response/Assertion is not signed as expected by Endpoint Central. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 25 | Signed Element did not contain an ID. Therefore, Endpoint Central rejected the SAML Response. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 26 | There are Duplicated ID in the Signed Element. So, Endpoint Central rejected the SAML response. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 27 | The Signed Element is invalid. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 28 | There is Duplicated Reference in Signed Elements. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 29 | There are unexpected Signed Elements present in the SAML Response. Therefore, Endpoint Central will not process the request further. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 30 | There is unexpected Reference present in the SAML Response. So, Endpoint Central was unable to process further. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 31 | There are wrong number of signatures present in the SAML Response. So, Endpoint Central was unable to process further. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 32 | There are wrong number of signatures present in the SAML Assertion. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 35 | There was no signature in the SAML Response. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 36 | The Signature present in the SAML Response is invalid. This arises due to misconfiguration between SP and IdP. | Reconfigure SAML Authentication settings in both SP and IdP. |
| 37 | Duplicated Attribute Name was found. So, Endpoint Central was unable to process further. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 38 | There was no Name ID present in the SAML Response. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 39 | The Name ID was empty in the SAML Response. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 40 | There was Name Mismatch in SP Name Qualifier. So, Endpoint Central was unable to process the request further. | Reconfigure SAML Authentication settings in both SP and IdP. |
| 41 | The Session expired. | Refresh and login again. |
| 42 | The Destination given in the SAML Response is wrong, because the SP's ACS URL might have changed. | Reconfigure the SAML Authentication settings in IdP and try again. |
| 43 | The Destination given in the SAML Response is empty, because the SP's ACS URL might have changed. | Reconfigure the SAML Authentication settings in IdP and try again. |
| 44 | The Issuer Name is incorrect or missing in SAML Response. | Check with IdP vendor and reconfigure SAML Authentication settings in IdP. |
| 46 | The SAML Response is created with the Response Construction time. The SAML Response has an expiry time. If the IdP and Endpoint Central are present in different time zones, there may be a time mismatch. This marks the Assertion made by the IdP to be too early. | Time mismatch between IdP and Endpoint Central. Adjust the time and try again. |
| 47 | Since, the Assertion has an expiry time, the SAML Response may be expired when it reaches the SP. This usually happens if there is a time mismatch between IdP and SP. | Time mismatch between IdP and Endpoint Central. Adjust the time and try again. |
| 50 | The ID sent by the IdP may not be taken up by the SP due to browser cache. | Clear the browser cache and try again. |
Applies to: SAML Authentication, SSO, Error codes, Identity Provider, Service Provider
Keywords: SAML Authentication, Error codes, Identity Provider, Service Provider
Was this document helpful?
Yes No
Thank you for your feedback!
Visit our community