Unable to login using Idp. Unable to validate SAML response

01-10-2022 05:56 AM
KearyLarson2
Occasional Contributor

We've had our Enterprise deployment in place for several months and have been using it without any issues.

This morning the users started receiving the "Unable to login using Idp. Unable to validate SAML response" error message.

How do I resolve this?

0 Kudos
1 Solution

Accepted Solutions
ChristopherPawlyszyn
Esri Contributor

This can be caused by a rotation in the certificate(s) used by the IDP to sign the SAML response. I would consider re-exchanging the metadata between your IDP and Portal, or, more specifically, you could compare the 'Certificate' value in your current SAML settings in Portal to what is contained within the SAML assertion using a tool like saml-tracer (browser extension).


0 Kudos
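The comparison suggested in the accepted solution can be scripted. This is an added example, not part of the original thread and not Esri code. It fingerprints the 'Certificate' value from the Portal SAML settings and every `ds:X509Certificate` found in a base64 `SAMLResponse` (as copied from saml-tracer), then checks that they match. All function names are hypothetical, and the certificates are constructed placeholder bytes.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"

def cert_fingerprint(cert_text):
    """SHA-256 of the DER bytes behind a PEM or bare-base64 certificate value."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----|\s+", "", cert_text)
    return hashlib.sha256(base64.b64decode(body, validate=True)).hexdigest()

def response_fingerprints(saml_response_b64):
    """Fingerprints of every ds:X509Certificate in a base64 SAMLResponse (HTTP-POST binding)."""
    # Diagnostic use on a response captured from your own login; use defusedxml for untrusted XML.
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    return [cert_fingerprint(el.text or "") for el in root.iter("{%s}X509Certificate" % DS_NS)]

def signing_cert_matches(configured_cert, saml_response_b64):
    """True only if the response embeds a certificate and every one equals the configured one."""
    want = cert_fingerprint(configured_cert)
    got = response_fingerprints(saml_response_b64)
    return bool(got) and all(fp == want for fp in got)

# Constructed sample data: placeholder bytes stand in for real DER certificates.
OLD_CERT = base64.b64encode(b"constructed-old-idp-signing-cert").decode()
NEW_CERT = base64.b64encode(b"constructed-new-idp-signing-cert").decode()
PORTAL_CONFIGURED = "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----" % OLD_CERT

def build_response(cert_b64):
    """Constructed minimal SAMLResponse carrying one embedded signing certificate."""
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
           '<ds:Signature xmlns:ds="%s"><ds:KeyInfo><ds:X509Data>'
           '<ds:X509Certificate>%s</ds:X509Certificate>'
           '</ds:X509Data></ds:KeyInfo></ds:Signature></samlp:Response>' % (DS_NS, cert_b64))
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    for label, cert in (("before rotation", OLD_CERT), ("after rotation", NEW_CERT)):
        ok = signing_cert_matches(PORTAL_CONFIGURED, build_response(cert))
        print(label, "match" if ok else "MISMATCH: re-exchange IdP metadata")
```

A match only shows that the IdP is still signing with the certificate Portal has on file. The service provider must still verify the signature against its configured certificate rather than trusting the one embedded in the response.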
2 Replies
KearyLarson2
Occasional Contributor

Thank you for your reply. I've passed that information along to our network services team.

0 Kudos