Scribd
Upload
305 views2 pages

User Authentication Failed in IAS Due To Error "Cookie Name Is Not Valid"

The document discusses an issue where user authentication is failing in Identity Authentication Service (IAS) due to an error stating that the cookie name is invalid. The root cause is a misconfiguration where the Assertion Consumer Service endpoint URL is not configured correctly for the application in IAS. The resolution involves accessing the IAS administration console and ensuring the correct Assertion Consumer Service endpoint is configured for the application.

Uploaded by

Rituraj Jain
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
305 views2 pages

User Authentication Failed in IAS Due To Error "Cookie Name Is Not Valid"

The document discusses an issue where user authentication is failing in Identity Authentication Service (IAS) due to an error stating that the cookie name is invalid. The root cause is a misconfiguration where the Assertion Consumer Service endpoint URL is not configured correctly for the application in IAS. The resolution involves accessing the IAS administration console and ensuring the correct Assertion Consumer Service endpoint is configured for the application.

Uploaded by

Rituraj Jain
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

SAP Knowledge Base Article

2698571 - User authentication failed in IAS due to error "Cookie name is not valid"
Component: BC-IAM-IDS (Basis Components > Identity and Access Management > Identity Authentication
Service), Version: 10, Released On: 29.02.2024

Symptom
The authentication through Identity Authentication (IAS) tenant is failing and the respective IAS Troubleshooting Logs shows
the below error message:
"... message=""User authentication failed.Cookie name is not valid: ..."

Environment
Identity Authentication
SAP Business Technology Platform

Reproducing the Issue


The behavior is reproduced by attempting to log in to an application through an Identity Authentication tenant.

Cause
The root cause of this behavior is a misconfiguration.
It occurs when the Assertion Consumer Service (ACS) Endpoint URL is not configured correctly.
This Endpoint should point to the Service Provider's endpoint URL that receives the response with the SAML assertion from
Identity Authentication.

Resolution
1. Access the affected Identity Authentication tenant's Administration Console;
2. Navigate to: Application & resources -> Applications -> Select the Application -> Trust -> SAML 2.0 Configuration ->
Assertion Consumer Service Endpoint;
3. Ensure that the correct configuration is maintained. See Configure SAML 2.0 Service Provider;
4. Additionally, when using IdP-initiated configuration, ensure that the corporate IdP is sending SAML Response with that
the assertion consumer service (ACS) endpoint URL contains the attribute 'sp' indicating the target application. For
more details, see Configure IdP-Initiated SSO with Corporate Identity Providers.

Keywords
SSO, single-sign-on, login failed, artifact, JAVA, Service Provider, SP, Identity Provider, IDP, Issue, Instant is not valid, SAP,
Production, ABAP, R/3, ERP, SRM, CRM, ERP, PPM, SEM, APO, XI, PI PORTAL, Test development, QA, SAML 2.0,
SAML2Assertion, Warning, saml2.sp.ResponseValidationService, SAML2Assertion, Service Provider, SAMLREQUEST, User
authentication failed.Cookie name is not valid: null Id:

Products
Products

SAP Business Technology Platform all versions

SAP Cloud Identity Services all versions

SAP Integrated Business Planning 1808


This document refers to
SAP Note/KBA Component Title

Configure SAML 2.0 Service Provider

This document is referenced by


SAP Note/KBA Component Title

3397395 FAQs about IAS General Information and Configuration for S/4HANA Public Cloud Customers

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy