Questions tagged [saml]

SAML (Security Assertion Markup Language) is an open standard and XML-based markup language for exchanging authentication and authorization information between parties, known as service providers and identity providers.

99 questions
11
votes
1 answer

Microsoft Exchange Federation Trust Broken After Verifying in Office 365

Okay so...this all started during our Office 365 setup. According to Microsoft, you have to delete your on-premises federation trust from Exchange, verify the domain, then add it back...otherwise you get an obscure error message when validating the…
Nathan C
  • 14,901
  • 4
  • 42
  • 62
7
votes
0 answers

Signout with ADFS3 with SAML

I have implemented SSO using ADFS3. I have a logout button for sign out and it’s working fine with my ws-federation passive endpoints. On logout I redirect user to logout.aspx page and there I have written code on page load…
user641812
  • 171
  • 4
4
votes
1 answer

Sure of Valid Parameter set, Powershell Says: "Parameter set cannot be resolved..."

I'm attempting to run a Powershell cmdlet that only accepts one of three specific parameters. I'm positive that I know what those parameters are, and that I am entering those parameters correctly. I am running Powershell as an Administrator, and I…
AESD_Mike
  • 43
  • 3
4
votes
2 answers

AADSTS50107: Requested federation realm object does not exist, when integrating Okta as an IdP for AAD

I'm trying to set up AAD with Okta, and find that when users visit the App Embed link and it posts their SAML response to https://login.microsoftonline.com/login.srf, they get an unhelpful error: AADSTS50107: Requested federation realm object…
Falcon Momot
  • 24,975
  • 13
  • 61
  • 92
3
votes
1 answer

ADFS: Convert SAML Assertion to OAuth Token?

We have Microsoft Active Directory Federation Services (ADFS) as our authentication/federation provider. We use it for performing identity federation via SAML to several external vendors, SaaS providers, etc. In addition, we have several vendors…
Shadowman
  • 71
  • 1
  • 8
3
votes
0 answers

How should the relying trust be set up in ADFS for SAML-based SSO?

We've done SAML-based SP-initiated SSO with a number of customers, and it's all been ok (eventually). We've got a customer now who's using ADFS. We can get idP-initiated to work fine, but with SP-initiated they get an error: Exception…
Elbin
  • 131
  • 1
  • 3
3
votes
2 answers

Using Google Apps / G Suite as IdP for Office365

I'm trying to set up SAML SSO where G Suite is the identity provider for Office 365 (service provider). Google's instructions are limited: https://support.google.com/a/answer/6363817?hl=en But I found some great help here:…
tplants
  • 31
  • 3
3
votes
1 answer

Can we configure ADFS for IDP initiated SSO

I'm looking for ways of integrating ADFS as a IDP for a SAML2 service provider. I have already configured the SAML2 provider with the verification certificates etc. And we used "Add Relying Party Trust Wizard" to configure ADFS with the details of…
3
votes
1 answer

Where do I purchase token signing certificate for ADFS?

We are integrating with ADFS (SAML) with a customer. The customer requires us to obtain token signing certificate, trusted by well known CA. The certificate will be used to sign SAML requests that are sent to IdP. Most of the vendors sell SSL cert…
weilin8
  • 133
  • 3
3
votes
1 answer

Configuring Google Chrome to Connect to AD Configured with Kerberos and Using ADFS

I'm trying to configure Google Chrome (and Firefox) to authenticate using Active Directory tunneled through ADFS SAML/Kerberos Endpoints and an Apache application using Shibboleth. Here are some settings I have inside each machine. Active Directory…
2
votes
0 answers

How to download SAML XML metadata from Microsoft Azure

I have an enterprise application that implements SAML SSO, and I have a new client who wishes to use it. This feature works with other clients. However, the application requires that the client download the SAML XML metadata from the Azure server…
2
votes
0 answers

AADSTS700517 using AWS Cognito and Azure AD Enterprise App

I have configured an AWS Cognito UserPool to use an Azure AD Enterprise Application as a SAML federated identity provider as per the blog post here:…
2
votes
1 answer

ADFS Alternative questions

We had (Before it went belly up) an ADFS server that was simply doing a translation from SAML 2.0 to WSFED (My end point software can not take in SAML only WSFED). My question is, what are the alternatives to ADFS to do this translation. Does…
Nathan
  • 73
  • 3
2
votes
1 answer

single sign-on to multiple SAML SPs with one IdP

Part of our site, say https://www.example.com/files, is protected by mod_auth_mellon, which provides an SP that authenticates with our IdP. This works fine. The rest of the site is Drupal with the samplesamlphp_auth module. That module creates…
Andrew Schulman
  • 8,561
  • 21
  • 31
  • 47
2
votes
1 answer

Combine apache auth providers of different types with basic auth only if proactively provided by client

I'd like to be able to have a path on an apache server (2.4.18+ on ub16) that primarily authenticates using SAML (using the mod_auth_mellon plugin) for interactive use, but also supports having the caller pre-emptively send Basic auth credentials.…
1
2 3 4 5 6 7