I want to migrate an old SAML setup to Component space but I'm getting a forbidden request error with my new component space

Raven · September 17, 2024, 7:40pm

I have this existing SAML button that works without any errors and I want to migrate over to component space. Here is my existing working button.

  SAML_IDP_URL="https://exampleidpurl.net"
  SAML_IDP_SSO_URL ="https://examplessourl.net/public/saml2sso"
  SAML_IDP_METADATA_URL="~/App_Data/Example/example_signed.xml"
  x509_File_Path=""
  x509_SerialNumber ="1234567789"
  Private_Key_File_Path="/App_Data/Test_FA/example_pki.pfx"
  UseLocalFile="true"
  ValidateAudience="false"
  CertUse="0"
  CertPassword="examplecertpassword"
  Entity_ID="https://exampleidpurl.net"
  SP_Entity_ID="https://test.ca/Saml2"
  SP_URL="https://test.ca/"
  ServiceProvider_Return_URL="https://tracking.ca/Account/ExternalLoginCallback"
  SAML_SP_Org_Name="Test Org"
  SAML_SP_Org_Display_Name="Test Org"
  AuthenticationType="Test Agency"
  FolderName ="tracking.ca"
  Caption="Test Company"
  />

And here is my attempt at using the information from my working button to a component space button.

I’m getting a forbidden request error with my component space button but my existing SAML button is working fine and I’m not sure what the problem is.

ComponentSpace · September 17, 2024, 8:59pm

One obvious issue is that the partner identity provider certificate is a PFX file rather than a CER file. The PFX file contains the local service provider’s certificate/private key.

Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com.

Also, include the partner identity provider’s SAML metadata as an email attachment so the configuration can be checked.