So I’ve set up and configured a SAML identity provider connection which connects to the system of a customer of ours. Using the “try it” button shows that it is correctly configured.
Before this, we used a regular username-password-database connection. Simply do an HTTP POST to /oauth/token to log in. One of the fields in the JSON body is “realm”, which I changed from the username/password thing to the SAML connection.
Unfortunately, Auth0 returns an HTTP 500 internal server error with the following error message:
{"error":"server_error","error_description":"Cannot read property 'signingKey' of undefined"}
What does this error message mean? Why is this not working? What is this signing key and where can I configure it?
The request to /oauth/token with a realm parameter indicates that you’re performing a resource owner password credentials (ROPC) grant. Keep in mind that only a subset of connections support ROPC; more specifically, from the linked documentation page:
You can configure Auth0 Connections as realms, as long as they support active authentication. This includes Database, Passwordless, Active Directory/LDAP, Windows Azure AD and ADFS connections.
(emphasis is mine)
SAML connections are not supported, which explains the error, although the error could have been clearer about the underlying reason. If you want to enable authentication through an external SAML identity provider you should go through the /authorize endpoint, which implies a redirect-based flow.
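The two paths described in the answer above, side by side, as an added example that is not part of the original question or answer: a ROPC token request with a `realm`, which the example refuses to build for a connection type that does not support active authentication, and the redirect-based `/authorize` request for the SAML connection, pinned to that connection with the `connection` parameter and protected with a per-request `state` value that is checked on the callback. The tenant domain, client id, connection names and the connection-type labels are constructed placeholders, not values or identifiers from the thread or from Auth0.

```python
"""Two ways to authenticate against an Auth0 tenant, as discussed in the
answer above: the resource owner password (ROPC) grant with a realm, which
only works for connections that support active authentication, and the
redirect-based /authorize flow, which is the route for SAML connections.

All tenant names, client ids and connection names below are constructed
placeholders, not values from the original thread.
"""
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

AUTH0_DOMAIN = "example.auth0.com"                 # placeholder tenant domain
CLIENT_ID = "YOUR_CLIENT_ID"                       # placeholder client id
REDIRECT_URI = "https://app.example.com/callback"  # placeholder callback URL

# Auth0's grant_type value for the password grant with a realm.
PASSWORD_REALM_GRANT = "http://auth0.com/oauth/grant-type/password-realm"

# Connection types that the quoted documentation lists as realm-capable
# (active authentication). The labels are descriptive, not Auth0 strategy ids.
REALM_CAPABLE_TYPES = {"database", "passwordless", "ad-ldap", "azure-ad", "adfs"}

# Illustrative inventory of connections on the tenant: name -> type (constructed).
CONNECTIONS = {
    "Username-Password-Authentication": "database",
    "customer-saml": "saml",
}


def build_ropc_token_request(connection, username, password):
    """Return (url, form_body) for a ROPC call, or raise if the connection
    cannot be used as a realm (the situation that produced the 500 above)."""
    ctype = CONNECTIONS.get(connection)
    if ctype not in REALM_CAPABLE_TYPES:
        raise ValueError(
            f"connection {connection!r} ({ctype}) does not support active "
            "authentication; use the /authorize redirect flow instead")
    body = {
        "grant_type": PASSWORD_REALM_GRANT,
        "client_id": CLIENT_ID,
        "realm": connection,
        "username": username,
        "password": password,
        "scope": "openid profile",
    }
    return f"https://{AUTH0_DOMAIN}/oauth/token", body


def new_state():
    """Unguessable per-request state; the client stores it in the session
    and compares it on the callback so a forged callback is rejected."""
    return secrets.token_urlsafe(32)


def build_authorize_url(connection, state):
    """Redirect-based authorization code flow, pinned to one connection so
    the user is sent straight to that SAML identity provider."""
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid profile",
        "connection": connection,
        "state": state,
    }
    return f"https://{AUTH0_DOMAIN}/authorize?" + urlencode(params)


def extract_code(callback_url, expected_state):
    """Validate the callback: state must match exactly; return the code."""
    query = parse_qs(urlparse(callback_url).query)
    if query.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: possible CSRF or stale request")
    if "error" in query:
        raise RuntimeError(
            f"{query['error'][0]}: {query.get('error_description', [''])[0]}")
    return query["code"][0]


if __name__ == "__main__":
    # The database connection can be used as a realm...
    url, body = build_ropc_token_request(
        "Username-Password-Authentication", "alice", "s3cret")
    print("POST", url, "realm =", body["realm"])
    # ...the SAML one cannot; it needs the browser redirect.
    try:
        build_ropc_token_request("customer-saml", "alice", "s3cret")
    except ValueError as exc:
        print("ROPC refused:", exc)
    state = new_state()
    print("Redirect the browser to:", build_authorize_url("customer-saml", state))
```

The `connection` parameter skips the Auth0 login page and sends the browser directly to the named connection, so the user lands on the customer's SAML identity provider; the `code` returned to the callback is then exchanged at /oauth/token with `grant_type=authorization_code`, which is a different call from the ROPC request that failed.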