Unable to validate SAML message - Mendix Forum

Unable to validate SAML message

0

I'm getting this error when testing SAML sign in:

 

 

When I check the request overview, the request is there but it is empty. 

 

I'm having some trouble debugging the flow. The system doesn't seem to go through CustomUserProvisioning, even though we ticked that mark.

 

On the ADFS side, we're seeing this:

 

Exception details:

Microsoft.IdentityModel.Protocols.XmlSignature.SignatureVerificationFailedException: ID4037: The key needed to verify the signature could not be resolved from the following security key identifier 'SecurityKeyIdentifier

asked
3 answers
1

Do you have V1.13.0 of the SAML module?

 

answered
1

You could try Firefox with the plugin SAML tracer. This way you can better debug what is going wrong. From the errors it looks like the security keys are not matching. Make sure that the metadata is refreshed. Might be that the certificates are out of sync.

Regards,

Ronald

 

answered
0

We reconfigured the module, gave the new metadatafile to the ADFS admin en had to add a claim (UPN). That solved it.

answered