Profile 'JwtIssuer' in policy 'B2C_1A_signup_signin_saml' in tenant '.onmicrosoft.com' does not contain the required cryptographic key 'SamlMessageSigning'

Narendrn Balachandran 101 Reputation points
2022-02-22T00:09:25.727+00:00

Hi,

I am getting this message when trying to log in with a SAML application.

Profile 'JwtIssuer' in policy 'B2C_1A_signup_signin_saml' in tenant '.onmicrosoft.com' does not contain the required cryptographic key 'SamlMessageSigning'

This is working fine when I use the default user journey (signupsign) from the base file. I am trying to integrate it with the Auto Account link extension policy.

The auto account link extension policy is working fine when using an OpenIdConnect protocol relying party.


Accepted answer
  1. Marilee Turscak-MSFT 36,841 Reputation points Microsoft Employee
    2022-02-25T23:04:33.567+00:00

    Hi @Narendrn Balachandran,

    Thank you for reaching out. I understand that you are receiving the following error when trying to log in with a SAML application:

    Profile 'JwtIssuer' in policy 'B2C_1A_signup_signin_saml' in tenant '.onmicrosoft.com' does not contain the required cryptographic key 'SamlMessageSigning'

    A few things to check:

    Make sure that the JwtIssuer profile contains the SamlMessageSigning key:

      <Key Id="SamlMessageSigning" StorageReferenceId="B2C_1A_SamlIdpCert"/>  
    

    If you are still facing this issue, please share your technical profile so that I can help troubleshoot.

    1 person found this answer helpful.

1 additional answer

  1. Narendrn Balachandran 101 Reputation points
    2022-03-17T22:16:12.773+00:00

    Sorry for the late reply. The issue was resolved by adding the SamlMessageSigning key to the JwtIssuer profile.

    2 people found this answer helpful.
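
The check suggested in the accepted answer can be run against the policy files before upload. The following is an added example, not code from the thread or from Microsoft: it merges the `CryptographicKeys` of one technical profile across policy files given base-first and reports which required key Ids are missing. The merge rule (a later file adds keys or overrides a key with the same Id), the helper names and the sample policy fragments are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET

# XML namespace of B2C custom policy (TrustFrameworkPolicy) files.
NS = {"p": "http://schemas.microsoft.com/online/cpim/schemas/2013/06"}

def effective_keys(policy_files, profile_id):
    """Merge {Key Id: StorageReferenceId} for one technical profile across
    policy files given base-first. Assumption: a later file adds keys or
    overrides a key that has the same Id."""
    merged, found = {}, False
    for xml_text in policy_files:
        root = ET.fromstring(xml_text)
        for tp in root.iterfind(".//p:TechnicalProfile", NS):
            if tp.get("Id") != profile_id:
                continue
            found = True
            for key in tp.iterfind("p:CryptographicKeys/p:Key", NS):
                merged[key.get("Id")] = key.get("StorageReferenceId")
    if not found:
        raise LookupError(f"technical profile {profile_id!r} not found")
    return merged

def missing_keys(policy_files, profile_id, required):
    """Required key Ids that are absent or have no StorageReferenceId."""
    keys = effective_keys(policy_files, profile_id)
    return [k for k in required if not keys.get(k)]

def _policy(keys_xml):
    # Constructed minimal policy file, for illustration only.
    return f"""<TrustFrameworkPolicy xmlns="{NS['p']}">
  <ClaimsProviders><ClaimsProvider><TechnicalProfiles>
    <TechnicalProfile Id="JwtIssuer">
      <CryptographicKeys>{keys_xml}</CryptographicKeys>
    </TechnicalProfile>
  </TechnicalProfiles></ClaimsProvider></ClaimsProviders>
</TrustFrameworkPolicy>"""

# Constructed samples: a base profile without the SAML key, and an
# extension that adds the Key element quoted in the accepted answer.
BASE = _policy('<Key Id="issuer_secret" StorageReferenceId="B2C_1A_TokenSigningKeyContainer"/>')
EXTENSION = _policy('<Key Id="SamlMessageSigning" StorageReferenceId="B2C_1A_SamlIdpCert"/>')

if __name__ == "__main__":
    for label, files in (("base only", [BASE]), ("base + extension", [BASE, EXTENSION])):
        print(label, "-> missing:", missing_keys(files, "JwtIssuer", ["SamlMessageSigning"]))
```

The script only confirms that the policy XML references a key container; whether that container (here `B2C_1A_SamlIdpCert`) actually exists among the tenant's policy keys has to be verified separately.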
