ADFS idpinitiatedsignon SAML assertion not signed
I am trying to extract SAMLResponse assertion via https://<adfs_domain>/adfs/ls/idpinitiatedsignon using a webview. The problem is that the SAMLResponse assertion is not signed and the signature is not included inside the assertion.
As a result I cannot validate the SAML assertion. We have configured ADFS with an ADFS signing cert since it is an IDP initiated flow.
Also we set the following property in ADFS: SamlResponseSignature = AssertionOnly
See attached for SAMLResponse.xml
I can't repro this in my lab. What version of ADFS are you using?
Any error or warning in the ADF Admins logs?
Also, is that the exact copy of the token? It seems that the section are in a different order than usual.
Sign in to comment