Creating SSO service provider for Adobe Federated ID

From the UCS manual section 13.1 for registering a new SSO service provider I have changed the required info to what I was able to pull from the Adobe XML file for Federated IDs like the NameIDFormat and all of that stuff and substitute it into the script. But when I try to login from with one of our email addresses it immediately tells me:

Access forbidden
You don't have the needed privileges to access this application. Please contact the administrator if you find this to be incorrect.

Please double check if your user account has been activated for the service provider you want to use - In the UMC user module with your user opened, it should be visible under Account -> SAML Settings -> Enable user for the following service providers

Well it seems to have worked but only for me. I have enabled the SAML provider for every user and I’m still getting an “Access Forbidden” message after Adobe redirects to my UCS server and after the user has successfully logged in.


SAML settings for the user in question: