Hi team,
We recently planned to migrate the IDP configuration from one to another. During this migration, we did not delete the old IDP (IDP1) but added a new one (IDP2). However, when testing the new IDP (IDP2), we encountered a 401 error.
Remarks:
<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
Could you please assist in resolving this issue with IDP2?
Thank you.
Discussion posts and replies are publicly visible
Install saml extension in your browser, and you will be able to compare both requests, in order to check where is the error.
Hi david why i am not seen the Signature hashing Hashing Algorithm option in smal configuration is there any problem with configuration
I do not understand...... First of all, I would try to find where the error is located.. (using SAML Tools).
Hi David
The only differences between responses is only that line?
In our SAML responses, we've observed a difference between two identity providers (IdPs) in how the <NameID> and emailaddress attributes are handled:
<NameID>
emailaddress
Against which attributes do you have mapped that values? Seems that the login is being made, but you don't have permissions in the platform
DO you see any error in logs?
yes
[http-nio-8080-exec-7] ERROR com.appiancorp.security.auth.saml.SamlTestServlet - Unexpected exception during SAML authentication test: Signature was either invalid or signing key could not be established as trusted