We configure our SAML in code.
This new implementation wants a different partner identity provider than our entityID provided in our metadata.
We’ve tried multiple combinations of settings, but nothing is working.
Here’s our startup code; the trace log is attached.
Dim samlConfig As SAMLConfiguration = New SAMLConfiguration() With {
    .Name = "zzzz",
    .LocalServiceProviderConfiguration = New LocalServiceProviderConfiguration() With {
        .Name = "zzzz",
        .AssertionConsumerServiceUrl = SYS_APP_WEB_DOMAIN,
        .LocalCertificates = New List(Of CertificateConfiguration)() From {
            New CertificateConfiguration() With {
                .FileName = "certificates\wwwww.pfx",
                .Password = "qqqqqq"
            }
        }
    }
}

samlConfig.AddPartnerIdentityProvider(New PartnerIdentityProviderConfiguration() With {
    .Name = "zzzz",
    .SignAuthnRequest = False,
    .ProviderName = "zzzz",
    .AuthnContext = "sssssssssss",
    .DisableAudienceRestrictionCheck = True,
    .WantAssertionOrResponseSigned = False,
    .WantAssertionSigned = False,
    .SingleSignOnServiceBinding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
    .SingleSignOnServiceUrl = SYS_APP_SSO_STATE_SITE_URL_IND,
    .SingleLogoutServiceUrl = SYS_APP_SSO_STATE_SITE_URL_IND,
    .PartnerCertificates = New List(Of CertificateConfiguration)() From {
        New CertificateConfiguration() With {
            .FileName = SYS_APP_SSO_CERT_IND
        }
    }
})

SAMLController.Configurations.AddConfiguration(samlConfig) ' add individual configuration
The partner identity provider configuration Name property doesn’t match with the issuer name in the received SAML response.
Make sure your configuration is updated to use the issuer name.
I’ve sent the details to you in an email.
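
A way to confirm the mismatch described in the reply above, as an added example that is not part of the thread and not the SAML library's own code: it reads the Issuer out of a base64-encoded SAMLResponse (HTTP-POST binding) and compares it with the Name set on the partner identity provider configuration. The module and function names, the sample response and the issuer URL are constructed for illustration, and the exact, case-sensitive comparison is an assumption about how the names are matched.

```vbnet
Imports System
Imports System.Linq
Imports System.Text
Imports System.Xml.Linq

Module IssuerCheck
    ' SAML 2.0 assertion namespace, which the <Issuer> element belongs to.
    Private ReadOnly SamlNs As XNamespace = "urn:oasis:names:tc:SAML:2.0:assertion"

    ' Returns the Issuer of a base64-encoded SAMLResponse, or Nothing if absent.
    ' Diagnostic only: it does not verify signatures or validate the response.
    Function GetResponseIssuer(base64Response As String) As String
        Dim xml As String = Encoding.UTF8.GetString(Convert.FromBase64String(base64Response))
        Dim root As XElement = XDocument.Parse(xml).Root
        ' Prefer the Issuer directly under <Response>; fall back to the one in <Assertion>.
        Dim issuer As XElement = If(root.Element(SamlNs + "Issuer"),
                                    root.Descendants(SamlNs + "Issuer").FirstOrDefault())
        Return If(issuer Is Nothing, Nothing, issuer.Value.Trim())
    End Function

    ' Assumption: names are compared as exact, case-sensitive strings.
    Function IssuerMatches(configuredName As String, base64Response As String) As Boolean
        Return String.Equals(configuredName, GetResponseIssuer(base64Response),
                             StringComparison.Ordinal)
    End Function

    Sub Main()
        ' Constructed sample response; the issuer URL is a placeholder, not a value from the post.
        Dim sampleXml As String =
            "<samlp:Response xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" " &
            "xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""_r1"" Version=""2.0"">" &
            "<saml:Issuer>https://idp.example.test/metadata</saml:Issuer>" &
            "</samlp:Response>"
        Dim encoded As String = Convert.ToBase64String(Encoding.UTF8.GetBytes(sampleXml))

        ' "zzzz" is the redacted Name from the posted configuration; the second
        ' entry is the placeholder issuer, showing the matching case.
        For Each name As String In {"zzzz", "https://idp.example.test/metadata"}
            Console.WriteLine("configured Name '{0}' vs issuer '{1}': {2}",
                              name, GetResponseIssuer(encoded),
                              If(IssuerMatches(name, encoded), "match", "MISMATCH"))
        Next
    End Sub
End Module
```

The base64 value to feed in is the SAMLResponse form field as it appears in the trace log or the browser's POST to the assertion consumer service URL.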