Forum Discussion
Michael_Koyfman
Cirrocumulus
Hard to say, but most likely there is a mismatch on the SAML configuration side somewhere - maybe SP, maybe the IDP.
For starters, since you say that you have two SPs, I suggest performing HTTPWatch or similar and checking if the URLs that SPs use to initiate the connection to the IDP are identical - if not, you might have a configuration mismatch on the SP side.
Start by checking that first. You can also enable SSO debug log and see if there are any notices/errors reported there
Michael_Koyfman
Sep 18, 2015Cirrocumulus
I am glad my suggestion was in the right direction. Not knowing details of resource2, I am guessing that SAML configuration on resource 2 side is mess up - please review it.