Qlik Community

Qlik Sense Deployment & Management

Discussion board where members learn more about Qlik Sense Installation, Deployment and Management.

ahmedadmin
New Contributor III

ADFS Connectivity Error 400

I have configure the ADFS for the Qlik Sense environment and Have all the parameters for a clustered environment with 3 nodes.

Upon configuring the ADFS I get the error message

"Error 400 - Bad request

Contact your system administrator. The user cannot be authenticated by the SAML response through the following virtual proxy: ADFS"

I have also linked all the proxies to the ADFS Virtual Proxy and set the parameters as below:

SAML Attribute mapping:

http://schemas.xmlsoap.org/claims/Group    -- Group

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn‌  --- upn

Please let me know if anyone has this same issue.

1 Solution

Accepted Solutions
ahmedadmin
New Contributor III

Re: ADFS Connectivity Error 400

This Issue is resolved, 90% of the time the issue is with the configuring the right SSL certificates of the Qlik Sense Node in the ADFS Relying Party Trust.

For an  ADFS setup for multimode Cluster requires adding the SSL certificates in the ADFS server. Also, make sure the same certificates' thumbprint is added in the Center node QMC within the registered proxies in the security section.

Right configuration of the certificates resolved this issue.

3 Replies
ahmedadmin
New Contributor III

Re: ADFS Connectivity Error 400

This Issue is resolved, 90% of the time the issue is with the configuring the right SSL certificates of the Qlik Sense Node in the ADFS Relying Party Trust.

For an  ADFS setup for multimode Cluster requires adding the SSL certificates in the ADFS server. Also, make sure the same certificates' thumbprint is added in the Center node QMC within the registered proxies in the security section.

Right configuration of the certificates resolved this issue.

jim_chan
Contributor III

Re: ADFS Connectivity Error 400

Hi,

I am facing the same issue. But I dont understand the part - with the configuring the right SSL certificates of the Qlik Sense Node in the ADFS Relying Party Trust.

I am deploying SAML in the development server. the Cert u r talking about... is it a self sign cert????

Rgds

Jim

anwar_qlik
New Contributor III

Re: ADFS Connectivity Error 400

Hi Ahmed,

I have done SAML for single node bit confused how its done on cluster.

I have Central node with a Failover node and 2 Consumer Node

Central Node would be for Development and Scheduling.

Do you have steps how to do SAML for such scenario?

Regards,

Anwar

Community Browser