I just worked my way through this issue. The SAML ID is prefixed with the hostname of the docker container. Which in my case was auto-generated starting with a number. When I consoled into my container and ran cat /etc/hostname I could see the mysterious number that was breaking my SAML auth with: 'AADSTS7500529: The value '1a480d8dd87f.4.DA3C17FD-8DE5-4E39-8F52-5EF91CD63A51' is not a valid SAML ID. The ID must not begin with a number.' Where 1a480d8dd87f was my container hostname. I re-deployed my docker stack with: services: splunk: image: ${SPLUNK_IMAGE:-splunk/splunk:latest} container_name: splunk hostname: splunk ... And my SAML began to work: ID="splunk.2.DA3C17FD-8DE5-4E39-8F52-5EF91CD63A51" Hope this helps someone in the future 🙂 ~ James
... View more