Question - Authentication: Cannot login via SAMl with Azure AD anymore


suddenly we cannot login to eramba anymore via SAML and Azure AD. Azure AD tells us: AADSTS75011: Authentication method ‘X509, MultiFactor’ by which the user authenticated with the service doesn’t match requested authentication method ‘Password, ProtectedTransport’.

We did not change the application registered in Azure AD for eramba or at least we are not aware of a change in our configuration, neither in eramba nor in Azure AD. Did anyone else already encounter this problem?

Our version: App Version: 3.16.3 | DB Schema Version: 20220921113150 | Community


It is always best to update to the latest version with the local admin account.
But from what you are saying, this setting might be a problem? Check the SAML connector.

For one of my other businesses (low value sort of information handled), Microsoft recently force rolled out MFA to all users. If this happened to your domain then that may be the root cause there…

1 Like

We have absolutely no idea why, because we neither changed the eramba nor the Azure AD config, but suddenly logging in works again. Thanks for the hints. Considering the “Authentication context” and the Azure AD error message logging into eramba should never have worked before if the “pass word protected transport” config and the auth methods “X509, MultiFactor” are not compatible.