KNOWLEDGE BASE

Error "SAMLException: NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration" When Authenticating with SAML


Published: 17 Dec 2015
Last Modified Date: 06 Dec 2019

Issue

When attempting to authenticate with SAML, the following error might occur:

SAMLException: NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration.

Environment

  • Tableau Server 
  • SAML

Resolution

Work with your IdP to ensure that the NameId element is passed in the Subject block of the SAML response.

For example, see a Subject including NameID: 
<saml:Subject> 
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">John</saml:NameID> 
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> 
<saml:SubjectConfirmationData Recipient="http://servername/wg/saml/SSO/index.html
NotOnOrAfter=
"date/time" 
InResponseTo=
"......."/> 
</saml:SubjectConfirmation> 
</saml:Subject> 

Cause

NameID included in the Subject of the assertion is required by the SAML 2.0 protocol.
Did this article resolve the issue?