CoT list mismatch
14.6.10. Mismatch in CoT list definition

Exception (on IdP)

IDPSSOFederate: IDPSSOFederate.doSSOFederate: Issuer in Request is not valid.
CircleOfTrustManager: [COT] CONFIG_ERROR_RETREIVE_COT: {Circle of Trust name is invalid : /,iamcot,fedletsp,/}
CircleOfTrustManager: COTManager.isInCircleOfTrust
com.sun.identity.cot.COTException: Circle of Trust name is invalid : /
at com.sun.identity.cot.CircleOfTrustManager.isValidCOTName(CircleOfTrustManager.java:1012)
[...]

Reason:

  1. The entries in idp*-extended.xml and the corresponding sp*-extended.xml do not have the same value for cotlist. In the usual case, the list has a single value that is identical in all extended XML files; for example:
		<Attribute name="cotlist">
			<Value>iamcot</Value>
		</Attribute>
  2. If both IdP and SP are Airlock IAM, make sure that all parameters (except for the hosted flag) in the idp*- and sp*-extended.xml files on both IdP and SP are the same, especially the entityID, metaAlias, and cotlist.
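
One way to check both conditions before deploying the metadata is shown below. This is an added example, not part of the original documentation or of Airlock IAM. The sample XML, host names and function names are constructed, and the EntityConfig layout is assumed from OpenAM-style extended metadata.

```python
import xml.etree.ElementTree as ET

# Constructed samples; layout assumed from OpenAM-style extended metadata.
IDP_EXTENDED = """<EntityConfig xmlns="urn:sun:fm:SAML:2.0:entityconfig"
    entityID="https://idp.example.test/idp" hosted="true">
  <IDPSSOConfig metaAlias="/idp">
    <Attribute name="cotlist"><Value>iamcot</Value></Attribute>
  </IDPSSOConfig>
</EntityConfig>"""

SP_EXTENDED = """<EntityConfig xmlns="urn:sun:fm:SAML:2.0:entityconfig"
    entityID="https://sp.example.test/sp" hosted="false">
  <SPSSOConfig metaAlias="/sp">
    <Attribute name="cotlist"><Value>iamcot</Value><Value>fedletsp</Value></Attribute>
  </SPSSOConfig>
</EntityConfig>"""

def local(tag):
    # Drop the "{namespace}" prefix ElementTree puts in front of tag names.
    return tag.rsplit("}", 1)[-1]

def read_extended(xml_text):
    """Extract entityID, hosted, metaAlias and the sorted cotlist values."""
    root = ET.fromstring(xml_text)  # local config files from your own deployment
    info = {"entityID": root.get("entityID"), "hosted": root.get("hosted"),
            "metaAlias": None, "cotlist": []}
    for el in root.iter():
        if el.get("metaAlias"):
            info["metaAlias"] = el.get("metaAlias")
        if local(el.tag) == "Attribute" and el.get("name") == "cotlist":
            info["cotlist"] = sorted((v.text or "").strip()
                                     for v in el if local(v.tag) == "Value")
    return info

def cot_mismatch(idp_xml, sp_xml):
    """Reason 1: return (idp_cots, sp_cots) if the cotlists differ, else None."""
    idp, sp = read_extended(idp_xml)["cotlist"], read_extended(sp_xml)["cotlist"]
    return None if idp == sp else (idp, sp)

def copy_differences(copy_on_idp, copy_on_sp):
    """Reason 2: compare two copies of the same file, ignoring the hosted flag."""
    a, b = read_extended(copy_on_idp), read_extended(copy_on_sp)
    return [k for k in ("entityID", "metaAlias", "cotlist") if a[k] != b[k]]

if __name__ == "__main__":
    print("cotlist mismatch:", cot_mismatch(IDP_EXTENDED, SP_EXTENDED))
    flipped = SP_EXTENDED.replace('hosted="false"', 'hosted="true"')
    print("differences between copies:", copy_differences(SP_EXTENDED, flipped))
```
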