Solutions
ForgeRock Identity Platform
ForgeRock Identity Cloud

SP initiated login fails in Identity Cloud or AM (All versions) with Service Provider ID is null error

Last updated Sep 22, 2021

The purpose of this article is to provide assistance if a SP initiated login fails in Identity Cloud or AM with an error, "Service Provider ID is null". The request sent by the client was syntactically incorrect. For example, your login URL is similar to: https://sp.example.com:8443/openam/saml2/jsp/spSSOInit.jsp


Symptoms

An error similar to the following is shown in the browser when the login URL is called:

HTTP Status 400 - Service Provider ID is null. type Status report  message Service Provider ID is null.  description The request sent by the client was syntactically incorrect.

Recent Changes

Configured SAML 2.0 Federation to initiate SSO from the service provider side.

Causes

The identity provider cannot be identified due to incorrect or missing metaAlias.

Solution

This issue can be resolved by including metaAlias in the login URL (which is a required parameter). This parameter specifies the local alias for the service provider.

An example URL for a SP initiated login is:

https://sp.example.com:8443/openam/saml2/jsp/spSSOInit.jsp?metaAlias=/sp&idpEntityID=https%3A%2F%2Fidp.acme.com%3A8443%2Fopenam
Note

The spSSOInit.jsp element of the URL is case-sensitive and the URL will fail if this is in the wrong case. For example, including spssoinit.jsp in the URL will not work.

See Also

How do I configure IdP or SP initiated Single Sign On in AM (All versions)?

How do I redirect to a specific page after a successful IdP or SP initiated login in AM (All versions)?

FAQ: SAML federation in AM

SAML Federation in AM

Implementing SSO and SLO

Related Training

ForgeRock Access Management Core Concepts (AM-400)

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.