Is it possible to enable local IDP on Strata Cloud Manager?
Question
Is it possible to enable local IDP to authenticate to Strata Cloud Manager?
Why, after enabling IDP, does the user see the error "AADSTS750054 - SAMLRequest or SAMLResponse must be present as query string parameters in HTTP Request for SAML Redirect Binding" when enabling Microsoft Entra ID on Strata Cloud Manager?
Environment
Strata Cloud Manager
Answer
Strata Cloud Manager supports only service provider-initiated (SP-initiated) single sign-on, meaning the user must go directly to the SCM URL and authenticate using their local IDP.
Strata Cloud Manager does not support IDP-initiated login (meaning the user cannot access the SCM app from their IDP login page).
To resolve the error, the user must log in to stratacloudmanager.paloaltonetworks.com and authenticate using the local IDP.
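When troubleshooting this error from a browser trace, it helps to confirm whether the request that reached the IDP sign-on endpoint actually carried a SAML message. The following diagnostic sketch is an added example, not Palo Alto Networks or Microsoft code; the hostnames, issuer and AuthnRequest are constructed sample data. It decodes the HTTP-Redirect binding encoding (raw DEFLATE, then base64) and reports what it finds.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

SAML_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
MAX_XML_BYTES = 64 * 1024  # cap on inflated size; limit chosen for this example

def encode_redirect(xml_text):
    """HTTP-Redirect binding encoding: raw DEFLATE, then base64."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(xml_text.encode()) + comp.flush()).decode()

def inspect_sso_url(url):
    """Report whether a captured IdP sign-on URL carries a decodable SAML message."""
    params = parse_qs(urlsplit(url).query)
    name = next((n for n in ("SAMLRequest", "SAMLResponse") if n in params), None)
    if name is None:
        # The condition AADSTS750054 describes: no SAML message in the query string.
        return {"status": "missing"}
    try:
        inflater = zlib.decompressobj(-15)
        xml_bytes = inflater.decompress(base64.b64decode(params[name][0]), MAX_XML_BYTES)
        if inflater.unconsumed_tail:
            raise ValueError("inflated message exceeds size cap")
        root = ET.fromstring(xml_bytes)
    except (ValueError, zlib.error, ET.ParseError) as exc:
        return {"status": "malformed", "parameter": name, "error": str(exc)}
    issuer = root.find(f"{{{SAML_ASSERTION_NS}}}Issuer")
    return {"status": "ok", "parameter": name,
            "message_type": root.tag.rsplit("}", 1)[-1],
            "issuer": issuer.text if issuer is not None else None}

# Constructed sample data (hypothetical SP and IdP hosts, not real endpoints).
SAMPLE_REQUEST = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" '
    'Version="2.0" IssueInstant="2024-01-01T00:00:00Z">'
    "<saml:Issuer>https://sp.example.test/saml</saml:Issuer></samlp:AuthnRequest>"
)
# Request as an SP would send it, and a bare request with no SAML message.
WITH_REQUEST = "https://idp.example.test/saml2?" + urlencode(
    {"SAMLRequest": encode_redirect(SAMPLE_REQUEST), "RelayState": "constructed"})
WITHOUT_REQUEST = "https://idp.example.test/saml2"

if __name__ == "__main__":
    for captured in (WITH_REQUEST, WITHOUT_REQUEST):
        print(inspect_sso_url(captured))
```

A `missing` result on the captured URL means the flow did not start at the service provider; `malformed` points to a truncated or re-encoded parameter.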
Additional Information
Other possible causes for the error can be checked in the Entra ID KB article: Error AADSTS750054 - SAMLRequest or SAMLResponse must be present as query string parameters in HTTP request for SAML Redirect binding
How To Enable a Third-Party Identity Provider (IdP)