Pulse Secure Version 9.1R8 (build 7453)
Hello All!
We are running a POC to test Azure MFA on Pulse.
We use the Microsoft guide to achieve it.
https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/pulse-secure-pcs-tutorial.
But we get an error when users try to connect using a web browser:
"SAML Transfer failed.
Please contact your system admin.
Detail: Artifact request is missing the SAMLart parameter".
Any idea?
Hello, thanks for the reply.
Yes, I use the default URL.
The user access log shows the connections made under the local system (I can't create users under the SAML IdP I created).
And the Events just shows the number of connections, nothing about Azure.
@Dioma Users are being redirected to Azure for authentication when accessing the VPN server URL from the browser, and receiving this error after redirected back to VPN post authenticating with Azure, correct?
Error states issue with SAML Artifact parameter missing, are we using SAML POST or Artifact method? Can you check the SAML metadata and see if you have SingleSignOn URL set as HTTP-POST and HTTP-REDIRECT value with the callback URL pointing to Azure?
Users don't have redirection, they only have the Pulse sign-in page.
I got the error when testing from the Azure portal.
We use POST as the SSO method for the Azure IdP.
And we have HTTP-Redirect and HTTP-POST with the URL pointing to Azure in the SAML metadata.
@Dioma So it's IdP-initiated SSO if you're initiating the login from the Azure portal. Can you please check the SAML response that's being sent to the VPN server and check whether it's sending the correct SAML response? Somehow the VPN server thinks that Azure is sending a SAML Artifact request instead of SAML POST.
Thanks for the reply, I made a little progress.
I created a new sign-in page for the SAML auth (with one realm), so users are now redirected to Azure.
But I have this error in the log:
'SAML Consumer received and processed 'Post', Status: 'FAILURE: No valid assertion found in SAML response' DetailedLogs:Assertion is not yet Valid'.
@Dioma "Assertion is not yet Valid" means the VPN server thinks that the Assertion's validity has not started. Please check your VPN server time settings (System >> Overview >> Date & time settings) and fix them if your time is skewed by more than 5 minutes.
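
The clock-skew diagnosis above can be confirmed from a captured SAML response by comparing the assertion's NotBefore / NotOnOrAfter window with the receiver's clock. The following is an added example, not code from the thread or from Pulse Secure; the function names, the sample response, and the way the 5-minute tolerance is applied are assumptions for illustration.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ALLOWED_SKEW = timedelta(minutes=5)  # assumption: the 5-minute figure from the thread

def parse_instant(value):
    """Parse a UTC SAML timestamp, with or without fractional seconds."""
    base, _, frac = value.rstrip("Z").partition(".")
    dt = datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
    return dt + timedelta(microseconds=int((frac or "0")[:6].ljust(6, "0")))

def check_assertion_window(response_b64, receiver_now, skew=ALLOWED_SKEW):
    """Return (verdict, gap) for the assertion as seen by the receiver's clock.

    Diagnostic only: no signature check, and ElementTree is not hardened
    against hostile XML, so feed it only responses you captured yourself.
    """
    root = ET.fromstring(base64.b64decode(response_b64))
    cond = root.find(".//saml:Assertion/saml:Conditions", NS)
    if cond is None:
        return "no-conditions", None
    not_before, not_after = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if not_before and receiver_now + skew < parse_instant(not_before):
        return "not-yet-valid", parse_instant(not_before) - receiver_now
    if not_after and receiver_now - skew >= parse_instant(not_after):
        return "expired", receiver_now - parse_instant(not_after)
    return "valid", timedelta(0)

# Constructed sample (not from the thread): a minimal POST-binding response.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<saml:Assertion><saml:Conditions NotBefore="2020-08-12T10:00:00.000Z" '
    'NotOnOrAfter="2020-08-12T11:00:00.000Z"/></saml:Assertion></samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())

def at(hour, minute):
    """Receiver clock reading on the sample day (UTC)."""
    return datetime(2020, 8, 12, hour, minute, tzinfo=timezone.utc)

if __name__ == "__main__":
    for label, now in [("10 min behind", at(9, 50)), ("3 min behind", at(9, 57)),
                       ("past expiry", at(11, 6))]:
        print(label, check_assertion_window(SAMPLE_B64, now))
```

A "not-yet-valid" verdict with a gap of several minutes points at the receiving server's clock being behind the IdP, which is the condition the log message "Assertion is not yet Valid" reports.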