I have a sample application that is trying to facilitate single sign-on using SAML and I am able to authenticate the user, but when I get the SAML response back from Azure, I am facing the below error:
IDX10214: Audience validation failed. Audiences: 'spn:3xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'. Did not match: validationParameters.ValidAudience: '3xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' or validationParameters.ValidAudiences: 'null'.
I have made sure that the application ID is correct. I have a simple .NET Framework 4.8 MVC application and I am using OWIN middleware (Microsoft.Owin.Security & other packages) to call Azure:
HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, WsFederationAuthenticationDefaults.AuthenticationType);
Following is my web.config:
<add key="ida:ADFSMetadata" value="https://login.microsoftonline.com/6xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/federationmetadata/2007-06/federationmetadata.xml?appid=3xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" />
<add key="ida:Wtrealm" value="3xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" />
Could you please help me pinpoint what is causing this issue? I checked the Azure logs and I am able to sign in and I'm getting the MFA token; this issue only occurs when the request is redirected to the reply URL.
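The error text quoted in the question is the whole story: the token Azure AD issued carries the audience 'spn:3xxxxxxx-...' while the middleware was told to accept only the bare application ID '3xxxxxxx-...', so the string comparison fails after sign-in succeeds. The Startup class below is an added example written for this answer, not code from the asker or from Microsoft; it shows where the OWIN WS-Federation middleware takes the audience list and configures it to accept the 'spn:' form alongside the bare ID, while keeping audience and issuer validation switched on. The namespace SamlSample, the Startup class, the /Error route and the web.config keys ida:Wtrealm and ida:ADFSMetadata are assumptions taken from or modelled on the question; the type TokenValidationParameters comes from Microsoft.IdentityModel.Tokens with Microsoft.Owin.Security.WsFederation 4.x (it is System.IdentityModel.Tokens on 3.x).

```csharp
// Added example, not part of the original question.
// Assumes Microsoft.Owin.Security.WsFederation 4.x and the two web.config
// appSettings keys shown in the question (ida:Wtrealm, ida:ADFSMetadata).
using System;
using System.Configuration;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Tokens;   // TokenValidationParameters (4.x packages)
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

[assembly: OwinStartup(typeof(SamlSample.Startup))]

namespace SamlSample   // hypothetical namespace for this example
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            string wtrealm = ConfigurationManager.AppSettings["ida:Wtrealm"];
            string metadata = ConfigurationManager.AppSettings["ida:ADFSMetadata"];

            // Session cookie that the WS-Federation middleware signs into after
            // the token has been validated.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                Wtrealm = wtrealm,          // sent to Azure AD as the realm
                MetadataAddress = metadata, // signing keys and issuer come from here

                TokenValidationParameters = new TokenValidationParameters
                {
                    // The issued token names this relying party as "spn:<appid>",
                    // the middleware was comparing against "<appid>". Accept both
                    // spellings of the same registration and nothing else.
                    ValidAudiences = new[] { wtrealm, "spn:" + wtrealm },
                    ValidateAudience = true,   // never disable this to "fix" IDX10214
                    ValidateIssuer = true,     // issuer is taken from federation metadata
                },

                Notifications = new WsFederationAuthenticationNotifications
                {
                    // Turn validation failures into a logged, handled response
                    // instead of an unhandled exception on the reply URL.
                    AuthenticationFailed = ctx =>
                    {
                        ctx.HandleResponse();
                        ctx.Response.Redirect("/Error?message=" +
                            Uri.EscapeDataString(ctx.Exception.Message)); // /Error is hypothetical
                        return Task.FromResult(0);
                    }
                }
            });
        }
    }
}
```

The point of listing both values rather than relaxing validation is that an audience check is what stops a token minted for a different relying party in the same tenant from being replayed against this one; the list should contain only identifiers that refer to this application's own registration.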