Issue:
We're running Web Agent Option Pack as IDP and SAP server as SP, when the
browser sends a HTTP-POST to the SP Sap Server, this one returns 400
bad request error.
How can we fix that ?
Resolution:
This is a known issue by SAP Analytic.
2649833 - HTTP Status 400 - Bad Request after login to SAP Analytics Cloud
Symptom
You enable a custom SAML Identity Provider in your SAP Analytics Cloud (SAC)
Environment
SAP Analytics Cloud •
Any valid SAML 2 Identity Provider (IdP) •
Cause
The SAML assertion returned to SAC doesn't contain a valid Name ID required to validate the user.
For example, you selected Custom SAML attribute as the attribute method to map users.
Value returned by the IdP:
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-
format:emailAddress">user@example.com</saml:NameID>
Value in the column Custom SAML attribute:
P000234
Not only the values are different, also the nameid-format is expecting an email address.
Resolution
Make sure that the value returned from your custom IdP matches the value selected in SAP Analytics Cloud.
https://apps.support.sap.com/sap/support/knowledge/public/en/2649833
KB : KB000116998