Cumulocity Version: eu-latest
I’m currently in the process of setting up SSO.
When Trying to log in via SSO I get the following Message:
{"message":"There is an error with the SSO configuration. Please contact your system administrator.\nVerify discovery URL for Azure AD or Jwks Uri. : Verify discovery URL for Azure AD or Jwks Uri.","error":"general/internalError","info":"https://www.cumulocity.com/guides/reference-guide"}
The Cumulocity Audit-Log Shows a JWT
{"x5t":"***","kid":"***","typ":"JWT","alg":"RS256"} {"aud":"*application-ID from Azure AD*","iss":"https://sts.windows.net/*tenant*/","iat":1736326519,"nbf":1736326519,"exp":1736331346,"acr":"1","aio":"***","amr":["pwd","rsa"],"appid":"*application-ID from Azure AD*","appidacr":"1","deviceid":"***","family_name":"***","given_name":"***","ipaddr":"***","name":"***","oid":"***","onprem_sid":"***","rh":"***","scp":"User.Read","sub":"***","tid":"***","unique_name":"***","upn":"***","uti":"***","ver":"1.0"}
My SSO Configuration is as follows:
- Basic
- Azure AD address : https://login.microsoftonline.com
- Tenant : ***.onmicrosoft.com
- Application ID : application-ID from Azure AD
- Redirect URL : https://***.eu-latest.cumulocity.com/tenant/oauth
- Client secret : Azure AD Client Secret
- Token issuer : https://sts.windows.net/*tenant*/
- User data mappings
- Retrieve from Access token
- First name: given_name
- Last name: family_name
- Email: email
- JWT field: oid
- Signature verification Public key discovery URL