Azure-Samples / active-directory-b2c-advanced-policies

Sample for use with Azure AD B2C with Custom Policies.
http://aka.ms/aadb2ccustom
MIT License

SAML2 custom policies: The SAML initiating message with id '' cannot be found in state #38

Open davidlevy-ecommbi opened 5 years ago

davidlevy-ecommbi commented 5 years ago

I have carefully followed the steps in these 2 tutorials to configure custom policies for SSO using SAML2, connecting AD B2C with a Java WebApp:

  1. https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-get-started-custom
  2. https://github.com/Azure-Samples/active-directory-b2c-advanced-policies/blob/master/Walkthroughs/RP-SAML.md

When logging in, my Web App (SP) builds the SAMLRequest and posts it to https://login.microsoftonline.com/te/TENANTID.onmicrosoft.com/B2C_1A_SignInSaml/samlp/sso/login. After that, I'm automatically redirected to the following URL:

https://login.microsoftonline.com/te/MYTENANTID.onmicrosoft.com/B2C_1A_SignInSaml/samlp/sso/assertionconsumer

And the following error is displayed:

Sorry, but we're having trouble signing you in. We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, please try again. Correlation ID: 5bc89c54-bd95-4a4a-8072-fc4f5721c8d2 Timestamp: 2018-10-02 03:08:30Z AADB2C90165: The SAML initiating message with id '' cannot be found in state.

Already googled the issue and asked Microsoft's support, but found no answer in either of them. Since Identity Framework is in Preview, there's no official support for these features.

Attached my custom policies:

customPolicies.zip

fujie commented 5 years ago

Do you mean your Java web app (SP) redirects the user to 'https://login.microsoftonline.com/te/MYTENANTID.onmicrosoft.com/B2C_1A_SignInSaml/samlp/sso/assertionconsumer'? If so, check your web app configuration. The web app (SP) should be configured to redirect to the SSO Service URL with the authentication request, and Azure AD B2C's SSO Service URL is this: https://login.microsoftonline.com/te/TENANTID.onmicrosoft.com/B2C_1A_SignInSaml/samlp/sso/login

davidlevy-ecommbi commented 5 years ago

> Do you mean your Java web app (SP) redirects the user to 'https://login.microsoftonline.com/te/MYTENANTID.onmicrosoft.com/B2C_1A_SignInSaml/samlp/sso/assertionconsumer'? If so, check your web app configuration. The web app (SP) should be configured to redirect to the SSO Service URL with the authentication request, and Azure AD B2C's SSO Service URL is this: https://login.microsoftonline.com/te/TENANTID.onmicrosoft.com/B2C_1A_SignInSaml/samlp/sso/login

The /login page is hit first with the SAMLRequest param. After that, I'm redirected to /assertionconsumer and see the error. Will update the issue description with this to avoid confusion. The web app SSO login URL is configured properly. The issue is something else.
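The flow described in the issue and the reply above is SP-initiated: the SP posts a SAMLRequest to the IdP's /samlp/sso/login endpoint, and the IdP later correlates its response with that request by the request's ID attribute. Since the AADB2C90165 error quotes an empty id, a useful first diagnostic is to decode the SAMLRequest the SP actually sends and check what it carries. The script below is an added example, not code from the issue, the Java web app, or the Azure-Samples repository; the tenant name, SP URLs and request ID in it are constructed placeholders, and it makes no claim about the root cause of the reporter's error.

```python
"""Decode a SAMLRequest parameter and report the fields an SP-initiated
AuthnRequest must carry, so what the SP sends to /samlp/sso/login can be
checked before chasing the IdP-side error."""
import base64
import re
import zlib
import xml.etree.ElementTree as ET

NS_SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
NS_SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

# xs:ID is an NCName: starts with a letter or underscore, no colons or spaces.
NCNAME_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_.-]*$")


def decode_saml_request(value: str, binding: str = "POST") -> bytes:
    """Return the raw XML behind a SAMLRequest parameter.

    HTTP-POST binding: base64 of the XML.
    HTTP-Redirect binding: base64 of raw DEFLATE (no zlib header) of the XML;
    the query parameter is assumed to be URL-decoded already.
    """
    raw = base64.b64decode(value)
    if binding.upper() == "REDIRECT":
        raw = zlib.decompress(raw, -15)  # wbits=-15 selects raw DEFLATE
    return raw


def inspect_authn_request(xml_bytes: bytes, expected_destination=None) -> dict:
    """Parse an AuthnRequest and return its key fields plus a list of problems."""
    root = ET.fromstring(xml_bytes)
    problems = []
    if root.tag != f"{{{NS_SAMLP}}}AuthnRequest":
        problems.append(f"root element is {root.tag}, not samlp:AuthnRequest")
    issuer_el = root.find(f"{{{NS_SAML}}}Issuer")
    fields = {
        "ID": root.get("ID", ""),
        "IssueInstant": root.get("IssueInstant", ""),
        "Destination": root.get("Destination", ""),
        "AssertionConsumerServiceURL": root.get("AssertionConsumerServiceURL", ""),
        "Issuer": (issuer_el.text or "").strip() if issuer_el is not None else "",
    }
    # The IdP keeps the request ID in its state and looks the response up by
    # it, so an empty or malformed ID is the first thing to check.
    if not fields["ID"]:
        problems.append("ID attribute is missing or empty")
    elif not NCNAME_RE.match(fields["ID"]):
        problems.append(f"ID {fields['ID']!r} is not a valid xs:ID (NCName)")
    for name in ("IssueInstant", "Issuer"):
        if not fields[name]:
            problems.append(f"{name} is missing")
    if expected_destination and fields["Destination"] != expected_destination:
        problems.append("Destination does not match the IdP SSO login URL")
    return {"fields": fields, "problems": problems}


def check_request(value: str, binding: str = "POST", expected_destination=None) -> dict:
    """Decode then inspect a SAMLRequest parameter value."""
    return inspect_authn_request(decode_saml_request(value, binding), expected_destination)


def encode_post(xml_bytes: bytes) -> str:
    """Encode XML as an HTTP-POST binding SAMLRequest value (for local testing)."""
    return base64.b64encode(xml_bytes).decode("ascii")


def encode_redirect(xml_bytes: bytes) -> str:
    """Encode XML as an HTTP-Redirect binding SAMLRequest value (before URL-encoding)."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(xml_bytes) + comp.flush()).decode("ascii")


# Constructed sample: hypothetical tenant and SP values, not taken from the issue.
SSO_LOGIN_URL = ("https://login.microsoftonline.com/te/EXAMPLETENANT.onmicrosoft.com"
                 "/B2C_1A_SignInSaml/samlp/sso/login")
SAMPLE_REQUEST = f"""<samlp:AuthnRequest xmlns:samlp="{NS_SAMLP}" xmlns:saml="{NS_SAML}"
  ID="_7a1c3e5f-constructed-example" Version="2.0" IssueInstant="2018-10-02T03:08:30Z"
  Destination="{SSO_LOGIN_URL}"
  AssertionConsumerServiceURL="https://sp.example.test/saml/acs"
  ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
  <saml:Issuer>https://sp.example.test/saml/metadata</saml:Issuer>
</samlp:AuthnRequest>"""

if __name__ == "__main__":
    # Paste the real SAMLRequest value captured from the SP in place of the sample.
    report = check_request(encode_post(SAMPLE_REQUEST.encode()), "POST", SSO_LOGIN_URL)
    for key, val in report["fields"].items():
        print(f"{key}: {val}")
    print("problems:", report["problems"] or "none")
```

Capture the SAMLRequest value from the browser's network tab (the POST body to /samlp/sso/login) and run it through `check_request`; an empty `ID`, or an `ID` that is not a valid NCName, will show up in `problems` before any IdP-side state lookup is involved.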