* Alan Angulo (Office365 admin) <[hidden email]> [2019-11-22 22:06]:
> The user authenticates correctly but right after the browser goes
> into an infinite redirect.
Looping can have many possible reasons -- cf. the Shibboleth SP's own
documentation on looping with that software implementation -- but
an SP expecting something (here: a NameID in a certain format) and
your IDP not sending it (here: because it's bogus) is certainly
> The vendor's metadata has this entry:
> I suspect the vendor's metadata is referencing the wrong
> NameIDFormat in his metadata. I am thinking it should be this:
> Can someone confirm that this is the cause of the problem?
Not quite, it may also be looping for any number of other reasons.
But lacking evidence wrt anything else being wrong/off that's one
place to start.
(You could configure your IDP to send the bogus format just to find
out whether, but don't tell the SP -- or your boss -- you got it
working, otherwise chances are slim the SP has motivation to fix it.)