Question3Replies485Views TaikiYoshidaEY Member since 2017 8 posts EY Advisory & Consulting Co., Ltd. Posted: 2 years agoLast activity: 2 years 10 months ago Closed Solved Cannot setup SSO with ADFSHas anyone encountered a similar issue with SSO setup to ADFS?I went setting up SSO with ADFS through the "SSO Workbook for CA" - https://pdn.pega.com/documents/ca-single-sign-federation-runbook but have encountered an error at the very end of the SSO process.It is showing up "Unable to process the SAML WebSSO request : No value specified for attribute mapped to pyUserIdentifier property".I also checked with Firefox's SAML debugger and it seems that the response is fine. <AttributeStatement> <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"> <AttributeValue>firstname.lastname@example.org</AttributeValue> </Attribute> </AttributeStatement>I have already checked that mapping is setup correctly, but have had no luck. Please help... Security Low-Code App Development Installation and Deployment ×Close popoverFacebookTwitterLinkedinEmail Copy Link Copied! Moderation Team has archived post This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question. Posted: 2 years agoNarasimha522 PEGA replied to TaikiYoshidaEYIn AuthenticationService in the mapping tab, USERID was mapped to .pyUserIdentifier propery is sames as USERID present in SAML response? Posted: 2 years agoSudhakarReddy PEGA replied to TaikiYoshidaEYHi, Please check which attribute is mapped to .pyUserIndentifier and make sure you had configured modal user in organisation unit. Also map the other organisation elements like Division and Unit. Accepted Solution Posted: 2 years agoTaikiYoshidaEY EY Advisory & Consulting Co., Ltd. replied to TaikiYoshidaEYI have found out the issue. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress This needs to be set in full in the mapping settings. I had setup "emailaddress" but should be "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" instead.