Created
March 3, 2017 04:43
-
-
Save mefarazath/053fdc8762b03f89544bd25699d62717 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| How to prepare SAML assertion for SAML Bearer Grant Type, | |
| 1. Copy the encoded SAML Response from either SAML Tracer or logs (DON'T copy from the XML view of SAML Tracer as it does some formatting which result in signature verification failure) | |
| 2. Go to https://www.base64encode.org/ and DECODE the SAML Response. | |
| 3. Copy the <saml2:Assertion> part | |
| 4. Go to https://www.base64encode.org/ and ENCODE the SAML Assertion you copied in #3. | |
| 5. Then you need URL encode the encoded string you got in #4. You can use https://www.samltool.com/url.php for that. | |
| Important Points Regarding the SAML Assertion | |
| * Response signing must be enabled in Service Provider configuration ie. SAML Response needs to be signed. | |
| * Audience value must contain the token endpoint of Identity Server. | |
| * Recipient value must contain the token endpoint of Identity Server. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment