SSO - ADFS : Invalid URI: The format of the URI could not be determined

Question

I developed a small .Net web application to access my identity provider on my ADFS. I am using ITfoxtec.Identity.Saml2 library to build my redirect link from xml metadata.

So I have this link:

https://my_server_name/adfs/ls/?SAMLRequest=fJBPT4QwEMW%2FCum90BZcygRIyO5lE72o8eDFFChZktJip7h%2BfOtq4u7FZC7z5%2Fde3tSoFiNW6LZwso%2F6fdMYks%2FFWISfTUM2b8EpnBGsWjRCGOCpe7gHkTJYvQtucIZcM%2F8jClH7MDtLkuOhIW88l0MpJ0arQk%2B0GEdFVcly2u9YtROy5HnVk%2BRFe4xMQ6JEBBE3fbQYlA1xxASnPJZ85gLuBHCZcsnKIhevJDnERLNV344NOYWwImQZ%2Bg96ni0VjFfpZNx5HpH2S2rcoEymxgkzgxlp60sguPj59u%2BQXgvQfVdnN4e%2F7e1b2y8AAAD%2F%2FwMAAAAAAAAAAAAAAAAAAA%3D%3D&RelayState=ReturnUrl%3D%252F

But I have this error:

An error has occurred An error has occurred. Contact your administrator for more information. Error details Activity ID: 054c61c6-e0c3-4d44-3200-0080010000de Error details: Invalid URI: The format of the URI could not be determined. Node name: 67c310dd-3d3b-41d2-ac9b-c08eff063ced Error time: Thu, 18 Nov 2021 13:37:23 GMT Cookie: enabled User agent string: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 96.0.4664.45 Safari / 537.36

score 0 · Answer 1 · answered Nov 19 '21 at 10:51

Your SAML 2.0 Authn Request looks like this:

<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_138c78f0-94ef-4dda-a703-b6096287139b" Version="2.0" IssueInstant="2021-11-18T12:52:18.1807432Z" Destination="https://srv-win-2019.flowids-bm.local/adfs/ls/">
  <saml2:Issuer>flowids-bm-srv-win-2019-CA</saml2:Issuer>
</saml2p:AuthnRequest>

Maybe your AD FS require the issuer flowids-bm-srv-win-2019-CA to be a URI like e.g. urn:flowids:bm:srv:win:2019:CA. Or maybe an endpoint is incorrect.

SSO - ADFS : Invalid URI: The format of the URI could not be determined

1 Answers1