SAML SSO Service Provider Sign Requests set to False in Metadata URL



  • Hi, we are trying to use the AuthnRequests signed using redirect but facing an issue with XML metadata files returned by FusionAuth (FusionAuth metadata url) which is sent forward to IdP. We are currently using the latest version 1.22.2

    As per my understanding, the XML provided by the "Metadata URL" should contain the X.509 signature, and AuthnRequestsSigned should be set to "true".

    Below is a snippet from the XML metadata when "Sign Requests" is set to true.

    <ns2:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    


  • This looks to be a bug. Tracking here: https://github.com/FusionAuth/fusionauth-issues/issues/1067

    Thanks for letting us know.


Log in to reply
 

Looks like your connection to FusionAuth Forum was lost, please wait while we try to reconnect.