Invalid assertion for SAML Assertion Flow

We are implementing the SAML Assertion Flow.

When requesting my token, I’m providing a base64 encoded SAML Response in the body of my request, but I’m getting a response stating it’s an invalid SAML 2.0 Assertion. I’ve tried providing the entire response, all of the xml from assertion tag to assertion tag, as well as the content of the assertion tags. None seem to be valid.

I’m looking for some guidance on why I’m receiving that error and how to potentially resolve it.

@gazaino
Can you please open a support ticket with us by email at support@okta.com to have this issue further investigated by one our TSE?

Already did around the same time I opened this. I have a call scheduled in a few minutes. Thanks for the reply!

New member, so not sure the etiquette here… would you prefer I log the outcome (ie. if it’s a bug or user error) here or do you just want to mark this solved?

@gazaino SAML issue is handled by our TSE team. You can also log the outcome here. Thanks.

The issue turned out to be that the SAML Assertion Flow is only intended to support SAML Assertions generated from external IdP. For example, this flow should only be used when you need to implement an auth flow for an IdP you have little to no control over. If your IdP is setup in your Okta and you attempt to use the SAML Assertion Flow you will receive the error mentioned above.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.