IDP rely configuration - Adobe suggests a modification of default behaviour - any hints?
peter.schober at univie.ac.at
Fri Oct 4 08:09:31 EDT 2019
* Peter Schober <peter.schober at univie.ac.at> [2019-10-04 13:58]:
> Does anyone know whether the Okta SP (as used for Adobe Inc.) supports
At least some random documentation I found seems to suggest as much:
"Configure Inbound SAML" -> "Overview" -> "Capabilities":
"Support for encrypted assertions".
> Inbound SAML transparently supports encrypted SAML assertions. The
> IdP can encrypt using the public certificate from Okta and any of
> the following XML encryption algorithms.
So it seems removing the use="signing" restriction on the
KeyDescriptor should work and all documentation suggesting to disable
encryption is wrong? Or is the documentation above wrong?
More information about the users