Could not validate SAML Response

jpavanaryan · ‎03-28-2016

Hello Folks,

I am trying to integrate ServiceNow with Windows Active Directory (Server 2012 R2). I did the following steps based on wiki tutorial Configuring ADFS 3.0 to Communicate with SAML 2.0 - ServiceNow Wiki so far

1. Configured ADDS, ADFS, DNS, ADCS etc.. in Windows Server 2012 R2

2. Imported PEM certificate in SN

3. Configured Relay party claim rules and other stuff

Once everything completed, I tried to login. It displays an error saying that "Could not validate SAML Response". I checked logs but I didn't find anything. If anyone faced similar situation Please let me know

Thanks

jpavanaryan · ‎04-01-2016

Hi Tony,

Thanks for the patience. I do have basic question about DC. Is it necessary that Domain Controller should be available in internet (should be able to access from internet). I don't think my DC is available from internet. My thinking is ServiceNow tries access DC through MID server, So DC can be in Client network instead of made available to internet. Please clarify?

Thanks

tony_barratt · ‎04-01-2016

Hi,

Good question.

The ADFS server does not have to be available on the Internet if the browser being used for authentication is in the Enterprise network where the ADFS server is placed.

The MID-server can be used to import user data from ADFS for example, but not for authentication.

Best Regards

Tony

tony_barratt · ‎04-10-2016

Hi,

how are you getting on?

Is the issue resolved?

Best Regards

'

Tony

jpavanaryan · ‎04-11-2016

Hello Tony,

Thanks for checking on this. Right now we have some important tasks to be finished by this sprint. Will carry this work next month. And the issue still exists.

Regards

Pavan

c_fam · ‎04-19-2017

Team;

We've just experienced getting this error when trying to access EAMS [could not validate SAML response]. We found that the ADFS web.config file was in the wrong place on our adfs server. Maybe this is something worth looking into.