Problem with IssueInstant format


I have a situation when my partner randomly fails to understand my AuthNRequest.

After investigation it appears it is because of an invalid IssueInstant format

Most of the time IssueInstant respects format yyyy-MM-ddTHH:mm:ss.fffZ, but sometimes it lacks the last millisecond decimale hence being of format yyyy-MM-ddTHH:mm:ss.ffZ

I joined two exemples, a good and a bad one.

Is this a bug ? If not, is there a way to force using the long format ?


Both examples are valid. This isn’t a bug in our product.
Are they expecting a trailing zero?
This is not required according to the XML schema definition of the primitive type dateTime.
In fact, the specification explicitly says the canonical representation should not include a trailing zero.
If the IdP is expecting a trailing zero, this sound more like a bug in their implementation.


Thanks for your quick and precise response.

They are indeed expecting a trailing zero and I’m not surprised the bug is on their side (yet again)

At least with your answer I have something solid to give them.

Anyway, if they cannot fix it on their side, is there a way to work around it on our side and still submit this trailing zero (I guess no, but I need to ask)


I’m afraid there isn’t.
If they can’t fix the issue please contact us and we might be able to create a workaround for you.