Decrypt SAML response

Dinesh Radadiya 1 Reputation point

If token encryption is activated in Azure Active Directory, how can we decrypt the SAML response on the client side?

We are able to decrypt the SAML response if token encryption is deactivated, but not able to decrypt it while it is activated.

Microsoft Entra ID

1 answer

  1. KAREDD-MSFT 406 Reputation points Microsoft Employee

    Hi @Dinesh Radadiya ,

    When enabling token encryption in the Azure AD portal, you would have to provide the public key of the cert. On the application side, you have to use the private key of the same certificate to decrypt it.

    1 person found this answer helpful.
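
The key split described in the answer, as an added example that is not part of the original thread and is not Microsoft's code: the identity provider needs only the public key, and the application needs the matching private key to unwrap the session key and decrypt the assertion. The key pairs, the sample response and the names `seal` and `open_assertion` are constructed for this sketch; RSA-OAEP key transport, AES-256-CBC and an `EncryptedKey` nested inside `EncryptedData` are assumptions.

```ruby
require 'openssl'
require 'rexml/document'

# Constructed throwaway key pairs. A real SP loads the private key of the
# certificate whose public half was uploaded to Entra ID.
SP_KEY    = OpenSSL::PKey::RSA.generate(2048)
OTHER_KEY = OpenSSL::PKey::RSA.generate(2048)
OAEP      = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING # assumed key transport
XENC      = { 'x' => 'http://www.w3.org/2001/04/xmlenc#' }.freeze

# IdP side, constructed for the demo: it needs only the public key.
def seal(public_key, assertion)
  aes = OpenSSL::Cipher.new('aes-256-cbc').encrypt # assumed data cipher
  key = aes.random_key
  iv = aes.random_iv
  wrapped = [public_key.public_encrypt(key, OAEP)].pack('m0')
  data = [iv + aes.update(assertion) + aes.final].pack('m0')
  <<~XML
    <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
     <EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
      <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
       <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><xenc:EncryptedKey>
        <xenc:CipherData><xenc:CipherValue>#{wrapped}</xenc:CipherValue></xenc:CipherData>
       </xenc:EncryptedKey></KeyInfo>
       <xenc:CipherData><xenc:CipherValue>#{data}</xenc:CipherValue></xenc:CipherData>
      </xenc:EncryptedData>
     </EncryptedAssertion>
    </samlp:Response>
  XML
end

# Application side: the private key unwraps the session key that decrypts the assertion.
def open_assertion(response_xml, private_key)
  doc = REXML::Document.new(response_xml)
  value = lambda do |path|
    node = REXML::XPath.first(doc, path, XENC) or raise ArgumentError, "missing #{path}"
    node.text.to_s.unpack1('m')
  end
  key = private_key.private_decrypt(value['//x:EncryptedKey/x:CipherData/x:CipherValue'], OAEP)
  data = value['//x:EncryptedData/x:CipherData/x:CipherValue']
  aes = OpenSSL::Cipher.new('aes-256-cbc').decrypt
  aes.padding = 0 # unpad by hand: XML Encryption fixes only the last pad byte
  aes.key = key
  aes.iv = data[0, 16]
  plain = aes.update(data[16..]) + aes.final
  pad = plain.getbyte(-1)
  raise ArgumentError, 'bad padding' unless pad.between?(1, 16)
  plain[0, plain.bytesize - pad].force_encoding(Encoding::UTF_8)
end
```

Decryption gives confidentiality only: AES-CBC carries no integrity, so the response or assertion signature still has to be validated before the output is trusted. A real response names its algorithms in its `EncryptionMethod` elements, which should be read rather than assumed.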