I'm trying to integrate SimpleSAMLphp as a Service Provider with an ADFS IdP. I've integrated this twice before with other clients, but now I'm getting an error I can't figure out.
This is from the Microsoft logs:
The SAML request contained a NameIDPolicy that was not satisfied by the issued token. Requested NameIDPolicy: AllowCreate: True Format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient SPNameQualifier: . Actual NameID properties: null.
I have transient set as the NameIDPolicy in SimpleSAMLphp. I've also tried the claims in this link: InvalidNameIDPolicy. This worked for the other IdPs but not this one.
Again, I have implemented this twice before with ADFS, and once with some third-party solution. Not sure what steps to take next. Any help appreciated.