![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 83%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,703 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Thank you for posting this in Microsoft Q&A.
This error comes in when you have enabled one of the features "SAML Request Signature Verification" and when either the application is not sending the signed SAML authentication request to AAD or in Azure AD you have not uploaded the correct certificate for it to validate the authentication request.
To fix this issue you can check and confirm if correct certificate is uploaded. To check this, you can follow below steps,
- Login to Azure AD portal.
- Access Azure active directory blade.
- Click on Enterprise applications blade.
- Once you see list of all configured application you can click on the application for which you are getting an error.
- Click on Single sign-on blade and then look at "Verification certificates (optional) (Preview)" on the right pane.
- Confirm if the certificate uploaded is the correct one.
If Azure AD has the correct certificate, then the issue might be from the application side. Application might not be sending the signed SAML authentication request to AAD.
Let me know if you have any further questions. This error comes in when you have enabled one of the preview features "SAML Request Signature Verification" and when either the application is not sending the signed SAML authentication request to AAD or in Azure AD you have not uploaded the correct certificate for it to validate the authentication request.
To fix this issue you can check and confirm if correct certificate is uploaded. To check this, you can follow below steps,
- Login to Azure AD portal.
- Access Azure active directory blade.
- Click on Enterprise applications blade.
- Once you see list of all configured application you can click on the application for which you are getting an error.
- Click on Single sign-on blade and then look at "Verification certificates (optional) (Preview)" on the right pane.
- Confirm if the certificate uploaded is the correct one.
If Azure AD has the correct certificate, then the issue might be from the application side. Application might not be sending the signed SAML authentication request to AAD.
Let me know if you have any further questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.