Hi all,
I configured a federated domain in my Azure AD tenant to be
authenticated against an IDP based on the pysaml IDP sample.
When I try logging in to https://portal.azure.com with a
user at myfedereteddoaim.com, the following error happens:
AADSTS50008: Unable to verify token signature. The signing key
identifier does not match any valid registered keys.
Any suggestions?
Thanks in advance.
Regards.
Hi all,
Is there an existing (or planned) implementation of the
new SAML subject identifiers [1]?
[1]
https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject…
Many thanks,
Niels
--
Niels van Dijk Technical Product Manager Trust & Security
Mob: +31 651347657 | Skype: cdr-80 | PGP Key ID: 0xDE7BB2F5
SURFnet BV | PO.Box 19035 | NL-3501 DA Utrecht | The Netherlands
www.surfnet.nl www.openconext.org
We have an IDP which supports SAML1 and a proprietary REST API and has been
working for several years.
Now we should integrate new Service Providers through an ADFS (Active
Directory Federation Service).
Since ADFS supports only SAML2, we are faced with adapting our IDP to SAML2.
Converting or modifying our current IDP isn't an option, so the solution must be
to build an external module between the ADFS and the IDP.
Scenario 1)
SP <---> ADFS <---- (SAML2)----> {GW} <---(SAML1)---> IDP.
Scenario 2)
SP <---> ADFS <---- (SAML2)----> {GW} <---(Custom REST API)---> IDP.
My questions,
Is SATOSA suitable to work as the GW in one of these scenarios?
What documentation can I start to read?
Thank you very much!!