Recently came across the above error when migrating from ADFS to Azure EntraID for SSO.
Documenting the solution in case it helps someone else.
Subject Confirmation validation failed.
SAML2ValidationError: InResponseTo attribute in SubjectConfirmationData mismatch.
Request SNC[sys_id] doesn't exists.
Checked and double checked between prod and nonprod instance - no immediate differences could be seen in the Identity providers or the configuration between Azure and Service Now.
KB0814564 got us the looking in the right direction, though... but it wasn't the script include that was the issue.
Internet queries pointed us to the issue being on the Azure side of things...
Resolution:
glide.authenticate.multisso.login_locate.user_field was set to 'user_name' as per default.
Changing it to 'email' resolved our issue.
