SAML issue with AWS

  • Alex Rivaben
    # 5 years, 10 months ago

    Hello,

    I am trying to set up SSO with an AWS account. I followed every single step contained in https://www.miniorange.com/amazon-web-services-(aws)-single-sign-on-(sso).

    When I click the AWS app in my dashboard, I am redirected to the page displaying the AWS roles so I can choose; however, I also get the following error:

    Response (with optional signature) must contain an assertion with a mandatory signature (Service: AWSOpenIdDiscoveryService; Status Code: 400; Error Code: AuthSamlInvalidSamlResponseException; Request ID: 911c7de2-fbeb-11e8-bf7a-e952be08eabf) (Service: AWSSecurityTokenService; Status Code: 400; Error Code: InvalidIdentityToken; Request ID: 911be28e-fbeb-11e8-8cc4-f9f1fa4ad3cc). Please try again.

    When checking the SAML Post I am noticing that the assertion is indeed not being sent with any signature. However, I don’t know how to do that. Can you please help me with this?

    Thanks!

    Kalpesh
    Keymaster
    # 5 years, 10 months ago

    @Rivaben, can you please share a screenshot of the miniOrange application configuration you added?

    Also, please share the SAML response with the SAML Tracer tool so that we can get the exact issue.

    You can send the details to support@miniorange.com

    Mike N
    # 5 years, 10 months ago

    I am also having the same issue. I will also send in the requested details to the support email.

    Kalpesh
    Keymaster
    # 5 years, 10 months ago

    @Mike, I have received your email. We will let you know the right configuration once we verify it on our end.

    clayton
    # 5 years, 8 months ago

    Hi, I have the same problem. Any solution for this error?

    The xmlresponse cannot have a Signature object to send on AWS.

    Kalpesh
    Keymaster
    # 5 years, 8 months ago

    @Clayton, we are ready with the updates compatible with AWS's new SSO changes. We will have the updates ready in production this week or early next week.

    I will let you know once this is done so that we can move forward with AWS setup.

    Kalpesh
    Keymaster
    # 5 years, 8 months ago

    Hello all,

    We now have AWS application updates in production which support Signed SAML Response.

    Can you please check if AWS SSO works for you now?

    Let me know if you see any issue or reach out to support@miniorange.com.
