|Applies To||RSA Product Set: SecurID Access|
RSA Product/Service Type: Cloud
Product Name: Microsoft Office 365
Product Description: WS-federation integration with SecurID Access
|Issue||When trying to access the Microsoft Azure portal, the user tries to login and the portal returns the following error:|
AADSTS50107: Requested federation realm object 'http://<Identity Router FQDN>/' does not exist.
On the cloud admin user event monitor, the user is authenticated successfully using the password but still not being able to login to Microsoft Azure.
|Cause||This issue is usually caused by mismatched configuration from either the Microsoft Azure side or on the application side for the cloud admin.|
The difference could be a very minor between the URI on both sides and can be as simple as an extra backslash at the end of the URI. For example, in the strings below, the first IssuerUri is on the Microsoft side:
Note the difference with the IssuerUri on the cloud admin side:
For more information, see the Microsoft Office 365 - WS-Federation SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide.