KNOWLEDGE BASE

Redirect to ADFS Server due to Missing AuthNResponse for SAML Authentication


Published: 13 Apr 2018
Last Modified Date: 13 Jul 2018

Issue

When logging into a Tableau Online site, configured for SAML authentication with ADFS as IdP, users may be denied access and redirected to the ADFS server.

Additionally, the following error may appear in the tableau_authentication.log that can be downloaded from the Authentication tab in the Tableau Online Settings page:

|    ERROR | requestId=[abcdefghij], url=[/public/sp/SSO], status=[401], cause=[Error validating SAML message; caused by: Response has invalid status code urn:oasis:names:tc:SAML:2.0:status:Responder, status message is null], displayableMessage=[null], exceptionClass=[null]

Environment

  • Tableau Online
  • SAML
  • ADFS

Resolution

Update the ADFS Relying Party to include the following URLs:
  • Tableau Online Entity ID for your site, i.e. https://sso.online.tableau.com/public/sp/metadata?alias=...
  • https://sso.online.tableau.com/public/sp/metadata?
  • https://sso.online.tableau.com

Cause

ADFS does not send SAML AuthNResponse for Tableau Online authentication due to incorrect configuration.
Did this article resolve the issue?