[EXTERNAL] Re: AuthnRequests must be signed, but inbound message was not signed for IDP initiated SSO
Peter Schober
peter.schober at univie.ac.at
Tue Dec 15 13:09:26 UTC 2020
* Abhishek Chouksey <abhishekchouksey10 at gmail.com> [2020-12-15 12:20]:
> is there other way to solve this issue without modifying SP metadata?
The SP's metadata says that authn requests will always be signed.
By using (proprietary) IDP-initiated SSO there's no way to sign the (non-SAML) authn request.
Works as designed?
-peter
More information about the users
mailing list