Can SAML request issuer and SP connector entity id be different
Here's my problem. Our f5 is acting as idP. When I go to the SP initiated link it does not work. I get a page cannot be displayed. I can see in fiddler it's adding - ?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST - to the end of the link which is why the page comes back cannot be displayed. That's 1 issue. However, the issue I'm concerned about, and want to know if it's even possible is - can the SAML request issuer and SP connector entity id be different? in my apm logs I have this error: No SP Connector attached to SAML SSO from assigned SAML resources matching authentication request. If ACS URL is present in authentication request it should match ACS URL from SP Connector. If Issuer is present in authentication request it should match entity_id from SP connector. The SP initiated link is https://staging.com for example but the entity id External SP connector link is https://training.com for example. I've never had an SP provider go to a different so I don't that this is possible.
I have a SAML resource attached, SP binded with idP, etc... so that is not the issue.