SAML connection options cert vs signingCert

Get Help
,
1

Hello, We are trying to create SAML Connection through Auth0 Management API Create Connection Call

Q1- What is the use of signingCert option while creating SAML connection?

  • This seems a required field. We are getting an error: Bad Request/ 400, ‘The signing Certificate public key is required.’

  • Also, referred to this community post, signingCert option is left empty?

Q2- How to derive value for ‘signingCert’ ?

1 Like
2

Just hit my head against the wall for this. What was actually required to complete the signingCert and related fields is just the metadataUrl in my case

metadataUrl: https://Thehostapp/sso/saml/metadata

1 Like
4

Hi @jstatham

Thank you for sharing this information with the Community!

As this topic can still be valuable to other members, I will share some documentations with useful information on the matter:

  • the signingCert is used to sign SAML responses/assertions in order to establish trust between the parties and verify the authenticity of the exchange. It is a key component of a SAML integration and I recommend reading through our general doc on Sign and Encrypt SAML Requests for more details;
  • the Signing Certificate needs to be obtained from the Identity Provider’s side and correctly formatted, usually as a PEM, more information can also be found in this Support Article;
  • I will also provide our Configure Auth0 as SAML Service Provider documentation here, in case it comes in handy.

Hope this helped and thank you for your input!

Best regards,
Gerald