Saml.assertion validation

0
Hi, i receive a encryptes SAML response from the IDP. I decrypt and validate my saml assertion and i says it's validated succesfull! The certificated is embetted in the saml assertion. I use this decrypted assertion for customer service. The customer service verfivies the XML Digital Signature as invalid. Is this problem already made by the IDP? Why does the saml component validate the assertion succesfully?
 
asked 1/18/2021 6:22:07 PM
add a comment

1 Answers

0
I think there is a case that customer service didn't have correct public key used to verify the signature, or some bytes you send to your customer service wasn't match the hash (depend on how you send the decrypted assertion)
 
answered 2/5/2021 2:31:25 PM
add a comment

Your Answer

Not the answer you're looking for? Browse other questions tagged saml or ask your own question.