Article - CS327279

"Incoming SAML message is invalid" "Endpoint with message binding <Binding> and URL <URL> wasn't found in local metadata" is logged in the SecurityLog when authenticating to ThingWorx Platform with Single Sign-On (SSO) enabled

Modified: 28-Aug-2024

Applies To

ThingWorx Platform 8.3 to 9.5

Description

ThingWorx SSO login fails with following error logged in the SecurityLog.log file located in <ThingworxStorage>\logs

[L: ERROR] [O: S.c.t.s.a.AuthenticatorExceptionHandler] [ Incoming SAML message is invalid ][ Endpoint with message binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST and URL http://<Host>/Thingworx/saml/SSO wasn't found in local metadata ]

Seeing the SSL URL get truncated when logging into ThingWorx Platform via Single Sign-On (SSO)
Additional SSO steps required when ThingWorx has a reverse proxy server or load balancer with SSL termination configured or if ThingWorx Flow is installed

This is a printer-friendly version of Article 327279 and may be out of date. For the latest version click CS327279

Answers and online help

Support cases and reported issues

Ask the PTC Community

Product Support Home Page

Support services

Trying to solve an issue?

Download software

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Find a PTC partner

PTC Implementation Services

Answers and online help

Support cases and reported issues

Ask the PTC Community

Product Support Home Page

Support services

Trying to solve an issue?

Download software

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Find a PTC partner

PTC Implementation Services

"Incoming SAML message is invalid" "Endpoint with message binding <Binding> and URL <URL> wasn't found in local metadata" is logged in the SecurityLog when authenticating to ThingWorx Platform with Single Sign-On (SSO) enabled

Applies To

Description

Knowledge Base Access

Sign In

Sign In

Answers and online help

Support cases and reported issues

Product Support Home Page

Support services

Trying to solve an issue?

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

Answers and online help

Support cases and reported issues

Product Support Home Page

Support services

Trying to solve an issue?

Licenses

Plan updates and upgrades

Proactive system scans and performance

PTC services and SaaS products

Product guides and references

Product Training

Developer guides and tools

"Incoming SAML message is invalid" "Endpoint with message binding <Binding> and URL <URL> wasn't found in local metadata" is logged in the SecurityLog when authenticating to ThingWorx Platform with Single Sign-On (SSO) enabled

Applies To

Description

Flagging content with inappropriate information will hide this article from public view for you and other customers, do you want to continue?

Knowledge Base Access

Sign In