If an ACS URL is defined in an unsigned SAML request, the authentication fails and shows the following message:
Unable to complete request at this time.(ACS URL in unsigned request could not be verified.)
Workaround: Set the IGNORE_ACS_METADATA_CHECK option to true as follows:
Click Devices > Identity Servers > Servers > Edit > SAML 2.0 > Service Provider > Options > New.
Specify the following details:
Property Type: Select OTHER.
Property Name: Specify IGNORE_ACS_METADATA_CHECK.
Property Value: Specify true.
Click OK.