Secure Access and VPN SAML Application with Identifier X not Found in IDP

Available Languages

Download Options

  • PDF     (17.0 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (82.9 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (67.5 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:February 18, 2026
Document ID:225495

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Contents

Issue

The organization is currently utilizing secure access for its internal end users and now requires secure access for external vendors.

You are using RA VPN with SAML and getting this error:

Application with Identifier https://x,x,x,x.vpn.sse.cisco.com/saml/sp/metadata/Cisco-RAVPN was not found in the directory Northfield Hospital and Clinics.This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. It is possible that you have sent your authentication request to the wrong tenant.

Environment

  • Technology: Solution Support (SSPT - contract required)
  • Subtechnology: Secure Access – RA VPN
  • Product Family: SECACCS
  • Authentication Method: SAML

Resolution

The aforementioned error is presented because of Wrong Entity ID (Identifier) on one side.

The Entity ID configured in Secure Access VPN Profile configured with SAML does not match Entity ID configured on the IDP

 → Enterprise Application → Identifier (Entity ID) Entity ID - https://x.x.x.x.vpn.sse.cisco.com/saml/sp/metadata/Cisco-RAVPN.

Whatever Entity ID is configured on Cisco Secure access has to match with an Entity ID configured in the SAML Application in IDP.

Cause

Entity ID mismatch between Service Provider and IDP

Related Content

Revision History

Revision Publish Date Comments
1.0
11-Mar-2026
Initial Release
TAC Authored

Contributed by Cisco Engineers

  • Amit Arora
    Technical Consulting Engineer

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products