Username read by SAMLServiceProvider.ReceiveSSO is null or empty


We received the following response from the IdP and it seems legit to us (see attached for a larger version):

But when using the following API to process it, the returned userName is either null or empty. We’re expecting to retrieve “mi…@…com” as shown in the response above.
Note that no exception is thrown either.

SAMLServiceProvider.ReceiveSSO(httpApplication.Request, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl);

The version we are using is

Any idea?

I can’t see any obvious issues from the screen capture.
Please enable SAML trace and send the generated log file to mentioning your forum post.

Thanks for your suggestion. Enabling the trace allowed me to verify that the NameId was actually read correctly.

I made a bad diagnosis: it was in fact one of the attributes value that was null, not the username, which makes sense looking at the response.

Nothing wrong the API, sorry for the hassle!

No worries. I’m glad the SAML trace help.