SAML 2.0 authenticaton with On premise AD


For my traditional web application am trying to implement SSO authentication using SAML 2.0. AD is on premise and support SAML 2.0 protocol. Version of OutSystems is 11.9.0. But when try to import sp meta data file in AD it gives below error. error screen shot attached.

We create a manual entry in ADFS then it succeeded in authentication but in SAML response again giving error. Below is error :

The SAML authentication request had a NameId Policy that could not be satisfied.

Requester : http://****

Name identifier format : urnoasis:names:tc:SAML:2.0:nameid-format:persistent



MSIS7070:The SAML request contained a NameIDPolicy that was not 

satisfied by the issued token. Requested NameIDPolicy:AllowCreate:False Format:urn:oasis:names:tc:SAML:2.0:nameid-

format:persistent:SPNameQualifier. Actual NameID properties:Format:urn:oasis:names:tc:SAML:1,1:nameid.format:emailAddress, NameQualifier, SPNameQualifer:, SPProvidedId.

This request failed.


Use the AD FS Management snap-in to configure the configuration that emits the required name identifier.

Kindly suggest.


SAML 2.0 authentication is working for OutSystems 11.0 but not for 11.6. Is there any configuration change required for OutSystems 11.6. Please suggest.