Question - Eramba SAML Configuration with Entra

Question: Need assistance with a SAML connector-related error. I’ve exhausted all the resources I could find.

More information:

  1. Running the most recent version of Eramba Community on Azure VM with Docker
  2. I first followed the directions published in 2021 (in text form) from this site and was unable to successfully connect.
  3. Following that I found the YouTube video produced by Eramba in 2022 regarding the SAML connector. I started over, followed it to the letter and continued to get the exact same error.
  4. I found all the tips, pointers, etc. out there and ensured that all of that was applied…still the same error.

So now I am asking for help.

Attachments:
Screenshot 1/2 is my configuration in Eramba SAML connector redacted for privacy.
Screenshot 3 is my Azure application configuration redacted for privacy.
Screenshot 4 is the actual error I get when I try to log in via SAML with a known user.

Related to login, I can successfully see the SAML button on the login page, I click that and it correctly takes me to the tenant I am trying to authenticate against and presents the Microsoft username prompt, then password prompt…and then I get the error shown in Screenshot 4.

Any guidance would be greatly appreciated…I am out of ideas.

Thank you
Robert

**Had to combine all screenshots into one b/c the system won’t let me upload more than one. Hopefully it’s still legible.

Hello,

Very nice post. Please write to support@eramba.org and we will schedule a call to check together. It is very hard to debug over email or forum post.

Thanks Sam! Will do.

Doing a quick compare of my working settings versus yours - on the Eramba side, I have “Authentication Context” set to “Disabled”, you do not. You also do not have the callback URLs for vendor assessments and account reviews set up, but that won’t impact you until you log in from those screens vs /login.

I assume you’ve assigned the app to users on the Azure side as well?

The problem is the SP Entity ID URL that eramba is suggesting in the SAML connector modal. For some reason, this is not working for Azure. You have to use it in the old form.
Instead of:
https://test.eramba.org/saml/saml-connectors/get-metadata
you have to use:
https://test.eramba.org/samlConnectors/getMetadata

We already have an issue created:
https://github.com/eramba/eramba/issues/4373