Resolve SSO authentication errors by verifying the SAML Response Audience element against the service provider’s assertion consumer service (ACS) URL for accurate configuration.
Table of Contents
Question
Your organization implemented Single Sign-On (SSO) for the multiple cloud-based services it uses. During authentication, one service indicates that access to the SSO provider is not possible due to invalid information. What should you do?
A. Update the validation certificate.
B. Verify that the Audience element in the SAML Response matches the assertion consumer service (ACS) URL.
C. Run nslookup to confirm that the service exists.
D. Ensure that Microsoft’s Active Directory Federation Services 2.0 sends encrypted SAML Responses in default configurations.
Answer
B. Verify that the Audience element in the SAML Response matches the assertion consumer service (ACS) URL.
Explanation
The Audience element within the SAML Response specifies the intended recipient of the assertion, which should align with the ACS URL of the service provider. A mismatch indicates a configuration error preventing successful authentication.
Google Professional Google Workspace Administrator certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Google Professional Google Workspace Administrator exam and earn Google Professional Google Workspace Administrator certification.