Unable to authenticate via SAML to System Manager because the IdP metadata does not contain an email address [kern_shibd:info:9583] WARN Shibboleth.SessionInitiator.SAML2 [1] [default]: unable to loca...Unable to authenticate via SAML to System Manager because the IdP metadata does not contain an email address [kern_shibd:info:9583] WARN Shibboleth.SessionInitiator.SAML2 [1] [default]: unable to locate metadata for provider (https://sts.iconplc.com/adfs/services/trust) Unknown or Unusable Identity Provider The identity provider supplying your login credentials is not authorized for use with this service or does not support the necessary capabilities
Applies to ONTAP 9+ Answer ONTAP System Manager only supports SAML with Windows ADFS, Shibboleth, and Cisco DUO. DUO was added in 9.12.1 and then backported to these P releases as well: For SSH the SA...Applies to ONTAP 9+ Answer ONTAP System Manager only supports SAML with Windows ADFS, Shibboleth, and Cisco DUO. DUO was added in 9.12.1 and then backported to these P releases as well: For SSH the SAML protocol is not supported at all. SSH supports MFA with CAC, public key, Yubikey, FIDO2, PIV, Cisco DUO and 'Time-Based One-Time Password' (TOTP) for Microsoft and Google Authenticator support. Additional Information Multifactor authentication in ONTAP Best practices and implementation guide
Applies to ONTAP System Manager 9.8P3 SAML authentication Issue Login via SAML fails: The authentication process seems to go normal After entering the Multifactor Authentication Token an error appears...Applies to ONTAP System Manager 9.8P3 SAML authentication Issue Login via SAML fails: The authentication process seems to go normal After entering the Multifactor Authentication Token an error appears: Status:urn:oasis:names:tc:SAML:2.0:status:Responser