SAML Authentication Issue Due to IDP Response "urn:oasis:names:tc:SAML:2.0:status:Requester"Issue Upon reviewing the SAML logs, it was identified that the Identity Provider (IDP) is sending the SAML response with the status "oasis:names:tc:SAML:2.0:status:Requester", whereas the instance expects "oasis:names:tc:SAML:2.0:status:Success". This discrepancy indicates an issue originating from the IDP side. ReleaseNot Applicable [as the issue is from IDP side]Resolution In a recent scenario, reviewing the ADFS logs revealed the following Microsoft error: "MSIS7070 ADFS error" "The SAML request contained a NameIDPolicy that was not satisfied by the issued token. Requested NameIDPolicy: AllowCreate: False Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress SPNameQualifier: . Actual NameID properaties: null." The customers' IDP team has reviewed the above error further in depth and then configured a new policy on their AD/ADFS side to use "incoming claim type" as "UPN", and outgoing as "Name ID" which has resolved the issue for customer. Important Note: As documented in the ServiceNow SAML Errors Guide, this is an IDP-related error. It is recommended to work closely with your IDP team to analyze logs, review errors, and implement the necessary configuration updates accordingly.