Auth0 Home Blog Docs

IdP initiated SAML fails with InResponseTo error

I’m trying to make the IdP initiated flow from an external SAML connection, but whenever it’s initiated, it fails with the following error:

access_denied: The InResponseTo attribute does not match the id in the AuthNRequest

The current setup comprises from djangosaml2idp, acting as my external IdP,
connected to Auth0 through an Enterprise connection.

Everything works when navigating into the app, getting redirected to the IdP login and back, but whenever I try to initiate the process from the IdP side, it fails.

If I recall correctly if the SAML provider wants to initiate the flow then the SAML response should not contain the InResponseTo attribute. In other words, this seems to be caused by a miss-behaving identity provider.

Ok, I’ll try to update the IdP to avoid sending the InResponseTo attribute and see if that works.