Logging into CPM using Identity Provider may fail with an error An error occurred

Logging into CPM using Identity Provider may fail with an error "An error occurred"

Issue:
When trying to log in to CPM, you may receive the following error:


In the CPM log files, there will be no related error messages, but in the Windows Event viewer you can find these errors: AD FS errors 261 and/or 364:

AD FS error 364:


AD FS error 354:
Exception details:
Microsoft.IdentityServer.Service.Policy.PolicyServer.Engine.AssertionConsumerServiceUrlDoesNotMatchPolicyException: MSIS3200: No AssertionConsumerService is configured on the relying party trust 'https://<CPM_Server_Address>/remote_auth/metadata' that is a prefix match of the AssertionConsumerService URL 'https://<CPM_Server_Address>/remote_auth/complete_login/' specified by the request.

AND

AD FS error 261:
The request specified an Assertion Consumer Service URL 'https://<CPM_Server_Address>/remote_auth/complete_login/' that is not  configured

Description:
This issue usually happens because of misconfiguration of the Relying Party Trusts in the AD FS Management console. For example, if "Trusted URL" specified not as described in the user guide.

Resolution:
Configure "Trusted URL" option as described in the user guide:


Try to login to the CPM again.