
No 'InResponseTo' field in a SAML Assertion when redirecting access for old SAML IdP to new SAML IdP on auth0

saml

#1

I am trying to redirect access for the old SAML IdP to the new SAML IdP.

  • SP has the old SAML IdP metadata
  • the certificate of the SAML IdP is the same as the new SAML IdP's
  • entity ID of SAML IdP is ‘A’
  • endpoint of SAML IdP is an endpoint of the old SAML IdP, not an endpoint of the new SAML IdP
  • New SAML IdP is on auth0
  • entity ID of SAML IdP is ‘B’
  • entity ID in SAML Assertion is written as ‘A’ by rules
  • All accesses to the old SAML IdP are redirected to the new SAML IdP, using Apache rewrite

In this environment, the new SAML IdP, on auth0, returns a SAML Assertion to the SP, but there is no ‘InResponseTo’ field in the SAML Assertion.
‘InResponseTo’ is required in a SAML Assertion and the value of ‘InResponseTo’ is the same as the ID in the SAML AuthN Request.

Can I redirect old SAML IdP access to new SAML IdP on auth0?

Thanks,
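
The check the post describes (an SP comparing `InResponseTo` with the `ID` of its AuthnRequest), as an added example that is not part of the original post and not Auth0's or any SP's code. The sample messages and the helper names `build_response` and `check_in_response_to` are constructed for illustration, and signature validation is out of scope.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample messages (not captured from Auth0 or a real SP).
AUTHN_REQUEST = """<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    ID="_req-123" Version="2.0" IssueInstant="2024-01-01T00:00:00Z"/>"""

RESPONSE_TEMPLATE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_resp-1" Version="2.0" {resp_attr}>
  <saml:Assertion ID="_a-1" Version="2.0">
    <saml:Issuer>A</saml:Issuer>
    <saml:Subject>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData {scd_attr}/>
      </saml:SubjectConfirmation>
    </saml:Subject>
  </saml:Assertion>
</samlp:Response>"""


def build_response(resp_id=None, scd_id=None):
    """Fill the constructed template; None leaves the attribute out."""
    attr = lambda v: f'InResponseTo="{v}"' if v else ""
    return RESPONSE_TEMPLATE.format(resp_attr=attr(resp_id), scd_attr=attr(scd_id))


def check_in_response_to(request_xml, response_xml):
    """Return (location, status) pairs; status is 'ok', 'missing' or 'mismatch'."""
    request_id = ET.fromstring(request_xml).get("ID")
    response = ET.fromstring(response_xml)
    # InResponseTo can appear on the Response and on SubjectConfirmationData.
    found = [("Response", response.get("InResponseTo"))]
    for scd in response.iterfind(".//saml:SubjectConfirmationData", NS):
        found.append(("SubjectConfirmationData", scd.get("InResponseTo")))
    results = []
    for location, value in found:
        if value is None:
            status = "missing"      # the situation reported in the post
        elif value == request_id:
            status = "ok"
        else:
            status = "mismatch"
        results.append((location, status))
    return results
```

Calling `check_in_response_to(AUTHN_REQUEST, build_response())` reports `missing` in both locations, which is the condition the SP in the post rejects.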


#2