Error:04099079 when using Auth0 as SP and Keycloak as IDP

lihua.zhang · May 8, 2023, 8:12pm

Problem statement

We received the below error when using Keyloak as IdP and Auth0 as SP via SAML.

error:04099079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error

Keycloak does not allow the signing cert to be added manually.

Unfortunately, you can’t manually create a client in Keycloak and add your signing cert. Instead, please create the client with the SP metadata file.

This can be found using the endpoint:
https://{yourdomain}/samlp/metadata?connection={yourConnectionName}

lihua.zhang · May 8, 2023, 8:12pm