Hi,
We are configuring SAML login in our client cloud environment and we have seen in the documentation that Appian allows encryption for the SAML assertion ("Appian supports signed, encrypted SAML assertions up to the AES-256 standard"), but the information in the documentation is very limited. The question we have is: if we configure encryption with AES-256 in the IDP (Azure AD), how is the decryption key stored in Appian? Do we have to provide the key to Appian to store it internally or register it in the credential store?
Thanks in advance
Following the documentation here
https://docs.appian.com/suite/help/24.3/SAML_for_Single_Sign-On.html#requirements
You upload the certificate directly in the SAML config dialog.
Hi Stefan, thanks for answering. So the private/public keys used to encrypt the assertion are the ones defined in the Service Provider Signing Certificate?
I am not a SAML professional, but I assume that encryption is done via standard SSL, and the assertions are signed using this certificate. This way the IDP can verify where the assertion is coming from.
All right, we will try to test this out with our SSL certificate. Thanks a lot for the information!