View Source

Problem

You cannot login due to the InResponseTo Check which is faiing.
In the login you see this error

org.opensaml.common.SAMLException: InResponseToField of the Response doesn't correspond to sent message abcde0123456

Reason

When the Application generates an AuthnRequest, it stores the ID of this request. The corresponding response from the IdP must have the InResponseTo attribute set to the same ID value, so the application can verify that the Response is meant for the Request that has been sent. The Application removes this ID once it has been processed.

There are some rare cases that can happen that the Application can not match the ID, such as:
You have bookmarked the Request to the IdP server. In this case the ID has been removed in a previous login response.
The browser sends the Response Twice (e.g. the user clicks on the reload page button)
...

Solution

Disable the InResponseTo Check

You may want to use a panel to highlight important steps.

Use numbered lists to provide step-by-step help.
Copy and paste or drag and drop images to add them to this page.

Problem

Reason

Solution

Related articles