Get SAML assertion for an app by sharing assertion of an authenticated user in another app in the same tenant
Hi All,
We would want our front-end application registered in Azure AD to be able to connect to the SAP C4C system using principal propagation. The user principal would need to be propagated to SAP C4C and be able to invoke C4C OData APIs.
Our front-end application is registered in Azure AD and single sign-on is configured as SAML. As per the documentation, we have also registered the SAP Cloud Platform app as an Enterprise application in Azure AD. Trust is established in SAP BTP for Azure AD with metadata exchange.
The user is able to log in to the front-end application and get a valid SAML assertion.
I am running into an issue when using the logged-in user's assertion to get a SAML assertion for the SAP Cloud Platform app registered in Azure AD.
Has anyone faced the same issue? We would need the SAML assertion of the SAP Cloud Platform app to be able to request an OAuth token from SAP XSUAA.
Any help would be much appreciated!!!
"error_description": "AADSTS50107: The requested federation realm object 'https://sts.windows.net/e9d3ccxxxxxxxxa05xxxxxxx878/' does not exist.\r\nTrace ID: 20967567-97a5-48b7-9f5c-bc2d24383200\r\nCorrelation ID: 6582989f-bb13-4c07-b07f-5351b4e998af\r\nTimestamp: 2021-09-23 18:44:40Z",