The authentication endpoint Username was not found on the configured Secure Token Service

(0) Share

Report

Posted on by Jorge S

Hi,

after updating Service communication certificate in ADFS and re-configure claims based authentication and IFD, CRM works fine, but our azure web app is sowing this error:

WSFederationAuthenticationModule_SecurityTokenValidated in Global.asax 
Exception: The authentication endpoint Username was not found on the configured Secure Token Service!

I've updated the certificate in the azure app.

I've seen may post about enabling the end point in ADFS, but also many suggest is not a secure solution plus that has not changed from before updating the certificate.

Which could be the issue here? Thanks a lot

*This post is locked for comments

I have the same question (0)

All responses (4)

Answers (1)

Suggested answer

Nadeeja Bomiriya 6,804 on at

Like (1)

Report

Hi Jorge,

Please check if you have completed all the steps as mentioned in below article.

support.microsoft.com/.../2921805

Was this reply helpful? Yes No
Suggested answer

Nithya Gopinath 17,078 on at

Like (1)

Report
Hi,

To resolve this error:

First, make sure the user you have set up as the service account has Read/Write access to CRM and has a security role assigned that enables it to log into CRM remotely.

Next, make sure the Username endpoint is configured in the ADFS deployment that this CRM org is using:

Log onto the ADFS server and open the ADFS management console. Go to ADFS > Service > Endpoints

You’ll see a list of endpoint URLs here. Find the one for /adfs/services/trust/13/username of type WS-Trust 1.3

Make sure that this endpoint has “Yes” set for both the Enabled and Proxy Enabled settings.

If you have to make a change to this endpoint, after making the change re-start the ADFS server and the CRM server, then try to register again.

Lastly, if the above looks okay, it could be a resolution or routing issue blocking the connection. Make sure that there are external DNS entries for the path to your ADFS server. Also, make sure that your firewall permits external access to the ADFS server. If you are able to, try to use a computer that is outside of your domain to navigate directly to the ADFS server to test its accessibility.

Refer help.clickdimensions.com/the-authentication-endpoint-username-was-not-found-on-the-configured-secure-token-service-error-when-registering/ for more details of this error.

Was this reply helpful? Yes No
Verified answer

Nadeeja Bomiriya 6,804 on at

Like (1)

Report

Hi Jorge,

Please check out this article which recommends a solution without enabling the Username endpoint.

blog.gagepennisi.com/.../the-authentication-endpoint-username.html

Was this reply helpful? Yes No
Jorge S on at

Like (0)

Report

Hi, thank you both for your replies.

I have follow all links and even I did enable the endpoint, but strangely it still fails.

This error is showing also in the Email router

Was this reply helpful? Yes No