SAML Assertion - "Invalid signature for object [id...]"

Using Java with Spring Security to implement SAML2 SP.
Everything used to work OK, but now I get “Invalid signature for object [id…]” messages.
If I understand correctly, this is due to the assertion not being signed correctly by Okta, but I can’t understand why - the certificate didn’t change or anything.

I downloaded the X.509 certificate from Okta and used it to validate the assertion (that I got from Chrome’s SAML-tracer) using SAML Response Validator - Validate SAML Metadata, Signatures & Certificates - it failed the signature validation there also…

Turns out that I used a slightly wrong registration ID - I used “https://…” and it should have been “http://…”
