You may face the Error 403 Forbidden while trying to use Single-Sign-On to enter a FlexiCapture station
The most obvious reason for such behavior is a mismatch between endpoint name set on SSO provider side and actual URL of FlexiCapture hostname
Make sure ENDpoint name(set on Identity provider side) matches the sample
If you are using a tenant, add the tenant’s identifier to the server URL, e.g. https://<ApplicationServer>/Flexicapture12/Server/Saml?Tenant=MyTenantName
In the case of FlexiCapture Cloud:
Important! Ensure there are no differences between the actual tenant name and the one set on SSO provider side
More details on how to implement SSO can be found here.