A pop-up survey could appear while you're here --curious what it's for? Click here to learn more!

×
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SSO

Bongjoo Kim
Bongjoo Kim
January 13, 2021

Dear ,

I configued SSO to intergrate with other site .

when they try to use SSO in crowd , there is error message .

 

ERROR [saml2.profile.impl.AddNameIDToSubjects] Profile Action AddNameIdAction: Error while generating NameID

org.opensaml.saml.common.SAMLEml2.profile.impl.AddNameIDToSubjects] Profile Action AddNameIdAction: Request specified use of an unsupportable identifier format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress[saml2.profile.impl.AddNameIDToSubjects] Profile Action AddNameIdAction: Request specified use of an unsupportable identifier format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddressxception: The format to generate does not match the value configured

        at org.opensaml.saml.common.profile.AbstractNameIdentifierGenerator.generate(AbstractNameIdentifierGenerator.java:272)

 

Thanks,

Answer
Watch
Like Anwesha Pan likes this
1336 views

1 answer

0 votes
Anwesha Pan
Anwesha Pan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
June 10, 2026

Hi @Bongjoo Kim 👋🏻

First of all, welcome to community! ✨

This error occurs because the Atlassian application expects a standard username to authenticate the user, but your Identity Provider (IdP) is attempting to send an Email Address format (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress).

Crowd or the connected Atlassian app rejects this since it doesn't match the expected identifier format.

You can follow the below steps to resolve the error:

  1. Update IdP: Log in to your IdP and edit the SAML application settings. Change the NameID Format.
  2. Check Application Mappings in Atlassian: Navigate to the SSO Settings or User Profile mapping tab of your SSO plugin. Change the login/search Crowd user account setting from Email to Username.
  3. Verify Crowd Application Access: If the user cannot log in after fixing the NameID, ensure they are explicitly allowed to access that application within Crowd.

I hope this helps & answers your question. 🙂

Thanks,
Anwesha

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security