KenL7169 Member since 2018 2 posts
Vistra Hong Kong Ltd
Posted: 2 years ago
Last activity: 2 years ago
Closed

ADFS 3.0 does not recognize Pega SAML request signature

ADFS does not support the SHA-1 algorithm used by Pega, so ADFS refuses the Pega authentication request on Pega Platform 7.4.

Errors on ADFS side:

Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSignatureAlgorithmMismatchException: MSIS7093: The message is not signed with expected signature algorithm. Message is signed with signature algorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1. Expected signature algorithm http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Error on Pega side:

Unable to process the SAML WebSSO request : Caught Exception while validating SAML2 Authentication response protocol : Received SAML token with invalid status code : urn:oasis:names:tc:SAML:2.0:status:Responder

Pega Platform Security
Moderation Team has archived post
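
To see which signature algorithm a captured AuthnRequest actually carries, the check below reads it from both SAML bindings and compares it with the URI named as expected in the MSIS7093 error. It is an added example, not part of the original post and not Pega or ADFS code; the sample request, the idp.example URL and all function names are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, quote, urlsplit

DS_NS = "http://www.w3.org/2000/09/xmldsig#"
RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"


def algs_from_post_binding(saml_request_b64: str) -> list:
    """HTTP-POST binding: the SAMLRequest form field is base64 XML with an
    embedded ds:Signature; return each ds:SignatureMethod Algorithm URI."""
    # Parse only requests captured from your own SP; use a hardened parser
    # such as defusedxml for XML from untrusted sources.
    root = ET.fromstring(base64.b64decode(saml_request_b64))
    return [el.get("Algorithm", "")
            for el in root.iter("{%s}SignatureMethod" % DS_NS)]


def algs_from_redirect_binding(url: str) -> list:
    """HTTP-Redirect binding: the signature is detached and its algorithm
    travels in the SigAlg query parameter."""
    return parse_qs(urlsplit(url).query).get("SigAlg", [])


def unexpected_algs(found: list, expected: str = RSA_SHA256) -> list:
    """Algorithms that differ from the expected one; unsigned input yields []."""
    return [alg for alg in found if alg != expected]


# Constructed sample request (not a real Pega message; values are placeholders).
SAMPLE_XML = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="_constructed" Version="2.0" IssueInstant="2020-01-01T00:00:00Z">'
    '<ds:Signature xmlns:ds="%s"><ds:SignedInfo>'
    '<ds:SignatureMethod Algorithm="%s"/>'
    '</ds:SignedInfo></ds:Signature></samlp:AuthnRequest>' % (DS_NS, RSA_SHA1)
)
SAMPLE_POST = base64.b64encode(SAMPLE_XML.encode()).decode()
SAMPLE_REDIRECT = ("https://idp.example/adfs/ls/?SAMLRequest=PLACEHOLDER&SigAlg="
                   + quote(RSA_SHA1, safe=""))

if __name__ == "__main__":
    for name, found in (("POST", algs_from_post_binding(SAMPLE_POST)),
                        ("Redirect", algs_from_redirect_binding(SAMPLE_REDIRECT))):
        print(name, "signed with", found, "-> mismatch:", unexpected_algs(found))
```
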