You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a SAML Service Provider (SP), FusionAuth does not support receiving encrypted SAML assertions from an external SAML IdP.
Solution
When FusionAuth is acting as the SAML SP:
Allow configuring a key/certificate pair in Key Master. The private key will be used by FusionAuth for assertion decryption. The certificate will be shared with the SAML IdP for assertion encryption.
Update SAML IdP configuration in FusionAuth to provide settings for SAML decryption as the SP
Use the configured private key to decrypt the encrypted SAML assertions
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
The text was updated successfully, but these errors were encountered:
Support SAML assertion encryption as SP
Problem
As a SAML Service Provider (SP), FusionAuth does not support receiving encrypted SAML assertions from an external SAML IdP.
Solution
When FusionAuth is acting as the SAML SP:
Alternatives/workarounds
None.
Additional context
Split from
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
How to vote
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
The text was updated successfully, but these errors were encountered: