I have figured that out.
After changing to NC 13, pretty url are enabled by default (or maybe not) but this was the issue.
While i were configuring NC 12, i’ve had links to saml background like this: https://nextcloud.domain.com/index.php/apps/user_saml/saml/acs
After upgrading to NC 13, i had to go to gsuite admin console, and change saml app setting in ACS URL and Entity ID to be without index.php https://nextcloud.domain.com/apps/user_saml/saml/acs
I’ve now upgraded to NC13 and removing the index.php did not work for me. I left it 48 hours to propagate and it still gives the 403 err saying the app is not configured for the user. If I put the index.php back in I can sign on but it does not show my files and folders, blank where it should list them and I have none of the options like admin, users and personal. Is this something you experienced. (Note to self, must build a test instance)
I struggle a bit to get it working on my side as well. So have URL target of the iPd is https://accounts.google.com/o/saml2/idp?idpid=xxxxxxx then I get
403. That’s an error.
Error: app_not_configured_for_user