I am in the process of configuring SSO from our ADFS to SAP JAM, and I have run into an interesting error. I have ADFS successfully configured in the IAT. When I use the SAP JAM URL that uses that IAT, it authenticates me vs ADFS successfully, but then when it redirects me to the JAM site, it goes to URL https://jam4.sapjam.com/saml/sp/acs, with the error message "You have been authenticated. Unfortunately, you do not have access to Jam."
If I use the url that bypasses the SSO from ADFS, and uses the IAT as the authentication source, I can manually log in using my IAT credentials, and that brings me into JAM successfully.
So, it appears to be an issue in the mapping between users in IAT and JAM? Anyone have experience with this error message, or know how to map those users?
Thanks in advance,