LibAnswers

When I try to sign into Omni from an article page, I see this warning:

"AADSTS75005: The request is not a valid SAML 2.0 protocol message or contains invalid or potentially dangerous characters."

Quick Solution

You can avoid getting this error by authenticating to Omni at the start of your research session.

Problem Detail

When searching in a library database, you might see links or buttons labelled "Find it in Omni":

When you click the link, you should see a web page for the article. If you haven't signed into Omni, you'll see a "Sign-in" prompt:

When you click on the "Sign in" link from the record display, you'll see an error message from Microsoft:

Solution Detail

Sign in to Omni at the start of your research session, using the same browser that you will be using to perform your research.

Discussion

The links from the database use a linking protocol called "OpenURL". This allows for bits information (such as titles, authors, etc.) to be passed along to Omni. When an unauthenticated users tries to click the "Sign in" link from the article page, all of the metadata from the OpenURL link is passed along to Trent's Single Sign-On (SSO) service, which is on the Microsoft platform. Unfortunately, some characters permitted in the OpenURL link are not allowed in links to the SSO service (including angle brackets).

When a user authenticates within Omni at the start of their session, these OpenURL links don't need to be passed along to the SSO service, because the user is already authenticated.