Issue with SSO - Could not validate SAMLResponse for esignature only

Kerry10
Giga Expert

We are trying to configure SSO using OKTA. We have configured the IDP and everyone can login without issue. However, when we try to e-sign the following happens:

-The window pops up to enter okta credentials

-I login and am redirected to a "login complete" screen

find_real_file.png-The approval record shows approved

-I hit the cancel button and the approval record moves back to requested

-I refresh the page and get an error

find_real_file.png

 

The logs show nothing more than "could not validate samlresponse" 

 

Any help would be much appreciated.

1 ACCEPTED SOLUTION

Hello,

 

Our error occured because we were using a different saml configuration for esignature than we were for standard login. Is this what you are doing?

 

If not, you may be getting that error if the saml is checking for the user's email address instead of their username, or vice versa. 

 

That was our experience - hope it helps

View solution in original post

3 REPLIES 3

mig
Mega Guru

Hi,

I am having the same error. Within the error logs I found something like:

"SAML2ValidationError: No valid SubjectConfirmation found."

AND
"SAML2ValidationError: Recipient attribute in SubjectConfirmationData mismatch. Expected:...."

the page Multi-SSO (SAML 2.0) errors and fixes brings a list of error messages and the corresponding fixes.

I will contact the administrator of our SAML system regarding to this entry:

find_real_file.png

Please let me know if and how your issue has been fixed.

Kind regards

Miguel

Hello,

 

Our error occured because we were using a different saml configuration for esignature than we were for standard login. Is this what you are doing?

 

If not, you may be getting that error if the saml is checking for the user's email address instead of their username, or vice versa. 

 

That was our experience - hope it helps

Thank you for sharing this information!

 

Kind regards

Miguel