Auth0 as IdP: Is it possible to sign both the response and assertion?

mmarion · October 19, 2023, 5:27pm

I’ve read the documentation: Sign and Encrypt SAML Requests

And it seems that Auth0 only supports signing the response, or the assertion, not both. Is that the case? Is there a workaround to that? It seems like Auth0 acknowledges that having both signed is a valid requirement, since using Auth0 as an SP allows for exactly that configuration, but I can’t find documentation on how to configure that scenario when Auth0 is the IdP and the SP has the requirement that both are signed. Every similar request in the “community” help center is either unanswered, unhelpful, or very old. The parent company, Okta, supports this functionality, as do all other major IDaaS solutions, so I find it surprising that it doesn’t seem possible. Am I missing something?

dan.woda · October 26, 2023, 3:59pm

Hi @mmarion,

Welcome to the Auth0 Community!

It doesn’t look like this is currently possible. Feel free to submit a feature request in our Feedback category. Thanks!

system · November 9, 2023, 3:59pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need capability to sign both SAML Response and Assertion at the same time Feedback	1	6	October 31, 2024
The SAML assertion, and the SAML response can be individually or simultaneously signed Help auth0	2	2521	September 20, 2020
SAML IdP, simultaneously sign assertion and response Help	4	3775	August 26, 2019
SAML Error: "SAML Response not signed" Knowledge Articles	1	634	January 26, 2024
Overview of Signing and Encryption Features for a SAML Service Provider Knowledge Articles	1	677	February 1, 2024

Auth0 as IdP: Is it possible to sign both the response and assertion?

Related topics