Your organization has implemented Single Sign-On (SSO) for the multiple cloud-based services it utilizes. During authentication, one service indicates that access to the SSO provider cannot be accessed due to invalid information. What should you do?
A.
Verify the NameID Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.
B.
Verify the Audience Element in the SAML Response matches the Assertion Consumer Service (ACS) URL.
C.
Verify the Subject attribute in the SAML Response matches the Assertion Consumer Service (ACS) URL.
D.
Verify the Recipient attribute in the SAML Response matches the Assertion Consumer Service (ACS) URL.
Question is incorrect. The correct error message is "This service cannot be accessed because your login request contained invalid [destination|audience|recipient] information."
Depending of the message, you should review destination, audience or recipient.
So all but not A.
I think it's D, the error is vague, but according to this page (https://support.google.com/a/answer/2463723 again) "This service cannot be accessed because your login request contained invalid [destination|audience|recipient] information. Please log in and try again." is for only Recipient Value, while "This service cannot be accessed because your login request contained invalid [destination|audience|recipient] information. Please log in and try again." applies to the other 3 errors.
None of the other SAML errors listed apply to SAML elements.
B is correct, according to this link [https://support.google.com/a/answer/6330801?hl=en#zippy=%2Ctroubleshoot-problems%2Cuse-elements-and-attributes] the audience element cannot be empty.
B is the correct option
https://support.google.com/a/answer/2463723
"This service cannot be accessed because your login request contained invalid [destination|audience|recipient] information. Please log in and try again."
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Fadhli
Highly Voted 4 years, 12 months agonwk
Highly Voted 5 years ago[Removed]
Most Recent 3 years, 5 months agojcloud965
3 years, 6 months agoKristuc
4 years, 1 month agoTheZug
4 years, 3 months ago1ewj7
4 years, 6 months agoDanIRMark
4 years, 5 months agoDub2U
3 years, 5 months agoDiani
4 years, 6 months agosaurabh1805
4 years, 8 months agomarlyagus
4 years, 8 months agoHateMicrosoft
4 years, 10 months ago