SAML + Microsoft Entra ID - user_creation_failed error on auto-creation
🔍Authentication❌Unsolved☁️Zitadel Cloud❓Question
Hi everyone! 
I'm having an issue with SAML integration between Microsoft Entra ID (as IdP) and Zitadel (as SP) using the TypeScript Login UI (v2).
Environment
Cloud
Binding: HTTP-Redirect
Problem
When a new user tries to authenticate via SAML, the auto-creation fails with user_creation_failed error. The flow redirects to:
/ui/v2/login/idp/saml/complete-registration?...&postErrorRedirectUrl=%2Floginname&error=user_creation_failed
Configuration
IDP settings:
Automatic creation: Enabled
Automatic update: Enabled
Account creation allowed (manually): Enabled
Account linking allowed: Enabled
SAML Response from Entra ID
All required attributes are being sent correctly:
NameID: user@domain.com (format: emailAddress)
givenname: Jefferson
surname: Gonçalves Lemos
displayname: Jefferson Gonçalves Lemos
email: user@domain.com
name: user@domain.com
I'm having an issue with SAML integration between Microsoft Entra ID (as IdP) and Zitadel (as SP) using the TypeScript Login UI (v2).
Environment
Cloud
Binding: HTTP-Redirect
Problem
When a new user tries to authenticate via SAML, the auto-creation fails with user_creation_failed error. The flow redirects to:
/ui/v2/login/idp/saml/complete-registration?...&postErrorRedirectUrl=%2Floginname&error=user_creation_failed
Configuration
IDP settings:
Automatic creation: Enabled Automatic update: Enabled Account creation allowed (manually): Enabled Account linking allowed: EnabledSAML Response from Entra ID
All required attributes are being sent correctly:
NameID: user@domain.com (format: emailAddress)
givenname: Jefferson
surname: Gonçalves Lemos
displayname: Jefferson Gonçalves Lemos
email: user@domain.com
name: user@domain.com
