[EXTERNAL] Re: AuthnRequests must be signed, but inbound message was not signed for IDP initiated SSO

Peter Schober peter.schober at univie.ac.at
Tue Dec 15 13:09:26 UTC 2020

* Abhishek Chouksey <abhishekchouksey10 at gmail.com> [2020-12-15 12:20]:
> is there other way to solve this issue without modifying SP metadata?

The SP's metadata says that authn requests will always be signed.
By using (proprietary) IDP-initiated SSO there's no way to sign the (non-SAML) authn request.
Works as designed?

More information about the users mailing list