Issue with SAML Authentication in Zabbix using SimpleSAMLphp and ADFS

  • Antares2011
    Junior Member
    • May 2025
    • 1

    #1

    Hi everyone,
    I'm working on integrating Zabbix 7.0 LTS with ADFS using the built-in SimpleSAMLphp (packaged with Zabbix), but I'm stuck on a blocking issue.
    Environment:
    • Zabbix 7.0 LTS on RHEL 9
    • Apache 2.4 + PHP-FPM
    • ADFS as IdP
    • SimpleSAMLphp located in /usr/share/zabbix/simplesamlphp/
    What I’ve done:
    • Created and placed authsources.php and saml20-idp-remote.php under:
      • /usr/share/zabbix/simplesamlphp/config/
      • /usr/share/zabbix/simplesamlphp/metadata/
    • Set SIMPLESAMLPHP_CONFIG_DIR:
      • In Apache config using SetEnv
      • In PHP-FPM pool with env[SIMPLESAMLPHP_CONFIG_DIR]
    • Restarted both Apache and PHP-FPM
    • Verified certificates and entityIDs match between files
    • Permissions look fine (readable by apache user)
    • Confirmed no .disabled files are in place
    The problem:
    When trying to authenticate via SAML, I keep getting this error:
    SimpleSAML\Error\Exception: Cannot retrieve metadata for IdP 'http://adfs.tews-i-rs.lan/adfs/services/trust' because it isn't a valid IdP for this SP.

    Things I suspect:
    It looks like SimpleSAMLphp is not picking up the metadata from the /usr/share/zabbix/simplesamlphp/metadata directory. Maybe it’s falling back to the vendor path, even though I’ve disabled those files.
    No logs mention the custom metadata being loaded, even though I added logging to authsources.php.
    Has anyone successfully done SAML login with ADFS and Zabbix 7?
    Any tips or ideas would be really appreciated!

    Thanks in advance