I have been trying to setup SSO in Azure with Cisco Intersight. I have been following the steps provided using the two guides below but not sure what I'm missing and getting "Invalid Request" "Cannot create a web session. Failed to validate SAML assertion. Please contact your IdP administrator"
Steps taken for configuration:
-Create Cisco Intersight application in Azure
-Upload the Intersight metadata file from Intersight
-Changed the Required claim to user.mail with "Email address" as the Name Identifier format and user.mail as the source attribute
-Downloaded the Federation Metadata XML file and uploaded it to Intersight and matching domain name as my domain in Azure
-Created second user with Azure IDP and gave the account admin permission
The only thing that I can think of is that I'm using the Azure trial version and unable to create Groups for the application in Azure. However I should still be able to login using any single account from Azure.
Using Chrome SAML-tracer I can see the error:
Any suggestions or workarounds would be greatly appreciated. :)