Does SP3 not sign authn requests by default?

Michael A Grady mgrady at
Fri Jul 20 18:29:43 EDT 2018

> On Jul 20, 2018, at 5:19 PM, Wessel, Keith <kwessel at> wrote:
> FWIW, adding signing="true" to our ApplicationDefaults has fixed the issue. The docs say that this should behave the same as 2.6 did: our IdP metadata says nothing about wantRequestsSigned, and I read the docs as it'll be signed unless the metadata specifically says not to as long as the SP is able to sign it. Do I misunderstand the "soft false" discussed in the SP 3 signing and encryption docs

I haven't looked at the SP 3 docs, but 2.x never signed by default. That's stated explicitly here:

Michael A. Grady
IAM Architect, Unicon, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 874 bytes
Desc: Message signed with OpenPGP
URL: <>

More information about the users mailing list