Do you get the error when you still trying to add in via web UI, or later, when you sent to IDP during SAML flow?
Please follow Michael's suggestion and gather some logs. If I got you right, it's web UI that fails in your case, so you need to check `/opt/gluu/jetty/identity/logs/oxtrust.log` for any related errors and warnings.
As you supply your SP's metadata by url, I would say it's very likely oxTrust can't use this url to fetch it. Could you try to download the metadata manually, and provide it using "File" method instead? If it will work, then we'll be able to confirm it's true.
If there still will be the same error when providing it with "File" method, I would try to check whether you have enough memory assigned for JVMs first. This is especially true if you try to create TR with some federation metadata, which is usually very heavy to process.
- For web UI: `/etc/default/identity` file
- for IDP: `/etc/default/idp` file
You'll see line like this in both: `JAVA_OPTIONS="-server -Xms256m -Xmx636m -XX:MaxMetaspaceSize=273m -XX:+DisableExplicitGC -Dgluu.base=/etc/gluu -Dserver.base=/opt/gluu/jetty/identity -Dlog.base=/opt/gluu/jetty/identity -Dpython.home=/opt/jython -Dorg.eclipse.jetty.server.Request.maxFormContentSize=50000000"`
Make sure that `-Xms` is at 512m, and `-Xmx` is at 1024 at least (better 1536m or 2048m). If you'll have to change it, restart "identity" and "idp" services in the end.