Hi everyone,
I am creating a lab to integrate an Identity Provider with SmartConsole so that users from Azure AD can log in.
The environment I am using for the lab is an MDS running version R81.20 with JHF 70.
I have been following this documentation: Creating an administrator account with SAML Login authentication.
When I finished creating the Azure application and linking it to the Identity Provider object in the Global Domain inside the MDS, I tried to authenticate through the Identity Provider inside SmartConsole. Everything seemed to work fine, but when I was redirected back to SmartConsole I got the following error message:
Error: An error occurred in processing the SAML response. Make sure the 'Entity ID' is correct, that the response is signed and that this is the Service Provider initiated flow
I have searched for the issue and tried to fix the problem with the guidance in the following SK and CheckMates post, but I still have the problem.
sk181695 - Error trying to connect to Azure SAML
https://community.checkpoint.com/t5/Management/SAML-Authentication-Login-for-issue-can-not-login/td-...
Then I tried upgrading JHF 70 > JHF 89, but I still see the same error.
Do you guys think any additional steps are needed for this integration within an MDS?
*In addition, does anyone know if it is important to create an Azure AD type object? If it is necessary, where should it be created, within the Global Domain or in a specific domain?
Note: I attached some additional images of how the application is configured in Azure and the object in the MDS. I am not sure if they are helpful for a better view of the problem (in case you ask, I did compare the Entity ID parameters and they are exactly the same).
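As an added example (not part of the original post, and not Check Point or Microsoft code), here is a small Python diagnostic that reads a SAML Response and reports the three conditions the SmartConsole error names: whether the Audience in the assertion matches the SP Entity ID (including the trailing-slash case that looks identical on screen), whether the Response or Assertion carries an XML Signature element, and whether the Response has an InResponseTo attribute, which is only present in an SP-initiated flow. The entity ID, tenant placeholder and the sample XML are constructed for the example; the signature is only checked for presence, not validated.

```python
# Added example (not part of the original post, not Check Point code): a small
# diagnostic that reads a SAML Response and reports the three conditions the
# SmartConsole error names. Names, URLs and the sample XML are constructed.
import base64
from typing import Optional
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def decode_saml_response(form_value: str) -> str:
    """Decode the base64 'SAMLResponse' POST parameter into XML text."""
    return base64.b64decode(form_value).decode("utf-8")


def check_saml_response(xml_text: str, expected_entity_id: str) -> dict:
    """Report whether the Audience matches the SP Entity ID, whether the
    Response or Assertion carries an XML Signature element, and whether the
    Response has InResponseTo (present only in an SP-initiated flow).
    Presence of a Signature is checked, not its validity."""
    root = ET.fromstring(xml_text)
    audiences = [a.text.strip() for a in root.findall(".//saml:Audience", NS) if a.text]
    response_signed = root.find("./ds:Signature", NS) is not None
    assertion_signed = root.find("./saml:Assertion/ds:Signature", NS) is not None
    in_response_to = root.get("InResponseTo")
    exact = expected_entity_id in audiences
    # A trailing slash is the usual cause of an "identical-looking" mismatch.
    loose = expected_entity_id.rstrip("/") in {a.rstrip("/") for a in audiences}
    return {
        "audiences": audiences,
        "entity_id_matches": exact,
        "entity_id_matches_ignoring_slash": loose,
        "signed": response_signed or assertion_signed,
        "sp_initiated": bool(in_response_to),
        "in_response_to": in_response_to,
    }


def _sample(audience: str, signed: bool, in_response_to: Optional[str]) -> str:
    """Build a constructed SAML Response for demonstration (no real signature)."""
    irt = f' InResponseTo="{in_response_to}"' if in_response_to else ""
    sig = (
        '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
        "<ds:SignedInfo/><ds:SignatureValue>CONSTRUCTED</ds:SignatureValue>"
        "</ds:Signature>"
        if signed else ""
    )
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'ID="_resp1" Version="2.0"{irt}>'
        "<saml:Issuer>https://sts.windows.net/TENANT-ID-PLACEHOLDER/</saml:Issuer>"
        '<saml:Assertion ID="_asrt1" Version="2.0">'
        "<saml:Issuer>https://sts.windows.net/TENANT-ID-PLACEHOLDER/</saml:Issuer>"
        f"{sig}"
        "<saml:Conditions><saml:AudienceRestriction>"
        f"<saml:Audience>{audience}</saml:Audience>"
        "</saml:AudienceRestriction></saml:Conditions>"
        "</saml:Assertion></samlp:Response>"
    )


SP_ENTITY_ID = "https://mds.example.test/sp"  # constructed placeholder

# Good response: audience matches, assertion signed, SP-initiated.
GOOD = _sample(SP_ENTITY_ID, signed=True, in_response_to="_authnreq7")
# Bad response: trailing slash on the audience, unsigned, IdP-initiated.
BAD = _sample(SP_ENTITY_ID + "/", signed=False, in_response_to=None)

if __name__ == "__main__":
    for name, doc in (("good", GOOD), ("bad", BAD)):
        print(name, check_saml_response(doc, SP_ENTITY_ID))
```

To use it on a real login attempt, capture the SAMLResponse form value from the browser's developer tools on the redirect back to the ACS endpoint, pass it through decode_saml_response, and run check_saml_response with the Entity ID configured on the Identity Provider object; a false entity_id_matches with a true entity_id_matches_ignoring_slash points at a trailing-slash difference between the Azure Identifier and the Check Point object.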