Getting exception "Saml login failed. Failed to decrypt XML".

Hi team,

While making the SSO call (IDP initiated), I am getting the exception “Saml login failed. Failed to decrypt XML”. It seems like it is unable to decrypt the assertion.

Note: the SAML assertion is encrypted using standard .NET Core code and then passed to the service provider, who is using your library, ComponentSpace. We are obviously able to encrypt and decrypt the assertion using the standard .NET Core code, but when it is passed to ComponentSpace for decryption we get this issue.




Most issues related to XML encryption result from the wrong private key being used to perform the decryption. However, if you can encrypt/decrypt in your code that seems unlikely.

Just to confirm, the SP is using our library to decrypt the SAML assertion but you’re the IdP and you’re calling the .NET API directly to encrypt the SAML assertion?

Assuming so, please ask the SP to enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning this forum post.

https://www.componentspace.com/forums/7936/Enabling-SAML-Trace

Also, it would be helpful if you can send via email a section of your code showing how you perform the encryption.

Thanks.
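As an added example (not part of the original thread and not ComponentSpace code), one way to check the "wrong key" theory from the reply before exchanging logs is to read the `EncryptedAssertion` that was actually sent and report its algorithms and the recipient certificate it names. It assumes the sender embedded the recipient certificate in the `EncryptedKey`'s `KeyInfo`; the function names are hypothetical and the sample message is constructed.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "xenc": "http://www.w3.org/2001/04/xmlenc#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: cipher values and the "certificate" are placeholder bytes.
SAMPLE = """<saml:EncryptedAssertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
    <ds:KeyInfo>
      <xenc:EncryptedKey>
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <ds:KeyInfo><ds:X509Data><ds:X509Certificate>Q09OU1RSVUNURUQtQ0VSVA==</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
        <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
      </xenc:EncryptedKey>
    </ds:KeyInfo>
    <xenc:CipherData><xenc:CipherValue>BBBB</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedData>
</saml:EncryptedAssertion>"""

def _alg(elem):
    """Return the Algorithm URI of the element's EncryptionMethod child, if any."""
    m = elem.find("xenc:EncryptionMethod", NS) if elem is not None else None
    return m.get("Algorithm") if m is not None else None

def inspect_encrypted_assertion(xml_text, sp_cert_sha256=None):
    """Report the algorithms and recipient certificate the sender actually used."""
    root = ET.fromstring(xml_text)
    data = root.find("xenc:EncryptedData", NS)
    if data is None:
        raise ValueError("no xenc:EncryptedData under the root element")
    # EncryptedKey usually sits in EncryptedData/KeyInfo but may be a sibling of it.
    key = data.find("ds:KeyInfo/xenc:EncryptedKey", NS)
    if key is None:
        key = root.find("xenc:EncryptedKey", NS)
    report = {"data_algorithm": _alg(data), "key_algorithm": _alg(key),
              "cert_sha256": None, "matches_sp_cert": None}
    cert = key.find(".//ds:X509Certificate", NS) if key is not None else None
    if cert is not None and cert.text:
        der = base64.b64decode("".join(cert.text.split()))
        report["cert_sha256"] = hashlib.sha256(der).hexdigest()
        if sp_cert_sha256:
            expected = sp_cert_sha256.replace(":", "").lower()
            report["matches_sp_cert"] = report["cert_sha256"] == expected
    return report
```

Call `inspect_encrypted_assertion(xml, fingerprint)` with the SHA-256 fingerprint of the certificate whose private key the SP has configured; `matches_sp_cert` being `False` means the assertion was encrypted for a different key pair, and the two algorithm URIs show what the SP must be able to decrypt.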