3 Replies Latest reply: Jun 27, 2018 7:21 AM by Anwar Pardawala RSS

    ADFS Connectivity Error 400

    Ahmed Syed

      I have configure the ADFS for the Qlik Sense environment and Have all the parameters for a clustered environment with 3 nodes.

      Upon configuring the ADFS I get the error message

      "Error 400 - Bad request

      Contact your system administrator. The user cannot be authenticated by the SAML response through the following virtual proxy: ADFS"

      I have also linked all the proxies to the ADFS Virtual Proxy and set the parameters as below:

       

      SAML Attribute mapping:

       

      http://schemas.xmlsoap.org/claims/Group    -- Group

      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn  --- upn

       

      Please let me know if anyone has this same issue.

        • Re: ADFS Connectivity Error 400
          Ahmed Syed

          This Issue is resolved, 90% of the time the issue is with the configuring the right SSL certificates of the Qlik Sense Node in the ADFS Relying Party Trust.

          For an  ADFS setup for multimode Cluster requires adding the SSL certificates in the ADFS server. Also, make sure the same certificates' thumbprint is added in the Center node QMC within the registered proxies in the security section.

           

          Right configuration of the certificates resolved this issue.

            • Re: ADFS Connectivity Error 400
              Jim Chan

              Hi,

               

              I am facing the same issue. But I dont understand the part - with the configuring the right SSL certificates of the Qlik Sense Node in the ADFS Relying Party Trust.

               

              I am deploying SAML in the development server. the Cert u r talking about... is it a self sign cert????

               

               

              Rgds

               

              Jim

            • Re: ADFS Connectivity Error 400
              Anwar Pardawala

              Hi Ahmed,

               

              I have done SAML for single node bit confused how its done on cluster.

              I have Central node with a Failover node and 2 Consumer Node

              Central Node would be for Development and Scheduling.

               

              Do you have steps how to do SAML for such scenario?

               

              Regards,

              Anwar