saml

I have a need to programmatically connect to a customer's SharePoint server that uses OKTA for authentication. I saw this post which looked promising, but cannot seem to get a valid session cookie back from OKTA. I can successfully call the /api/v1/authn endpoint and get back a sessionToken, but when I turn around and call /api/v1/sessions?additionalFields=cookieToken with that session token, I always received a 403 - Forbidden, with the following json: { "errorCode": "E0000005", "errorSummary": "Invalid Session", "errorLink": "E0000005", "errorId": "oaew0udr2ElRfCnZvBFt075SA", "errorCauses":

I'm doing a proof of concept for federating SAML into Cognito. I've setup Shibboleth v3, and once I finally got the log level set, I can see the SAML being sent back to Cognito, which just redirects to my configured page with ?error_description=Error+in+SAML+response+processing%3A+Invalid+SAML+metadata.+&error=server_error in the URL. The user pool in Cognito is set to require an email address, and I think I've got the attribute mapping set correctly, but it's not really easy to tell. Here's the SAML I'm seeing in the logs (minus a couple of URLs for anonymization's sake): <?xml version="1.0"

I implement a SAML 2.0 SP. I have a login servlet with endpoint https://my.domain.com/mng/samlLogin , so in the SP metadata file I define: <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://my.domain.com/mng/samlLogin" index="0" isDefault="true"/> And send this endpoint in the AuthenRequest under the AssertionConsumerServiceURL. Now, I have another servlet with a different functionality, and it needs to validate the user against SAML as part of its flow. So I need to define the new servlet's URL as an additional endpoint, let's say https:/

I am trying to connect to ACS using a SAML token, problem is ACS has been configured to only accept JWT tokens. What is the best way to convert SAML to JWT? thanks You should ask your IDP to provide the JWT token as a SAML attribute inside your current SAML tokens, or ask them to provide you with an alternative way of acquiring the JWT tokens you require. The SAML token (typically a SAML assertion) is usually issued by an identity provider (IDP) and digitally signed - so that the relaying parties can verify authenticity of the token. This means that you cannot convert token from SAML to JWT,

I have a serialized SOAP request message with a SAML token holder-of-key that works against a vendor service. I want to create a demonstration program in C# to produce a similar request. To do this, I want to write a client that creates its own SAML token. I've got a SAML2 token created successfully from a self signed cert and I am able to associate it to the request using the ChannelFactoryOperations.CreateChannelWithIssuedToken approach (.Net 4.0). Everything is working great but I can't figure out the C# required to place the signature after the assertion and use the SAML token as the