Hi,
I am trying to get a custom SSO implementation and I have been informed that the SAML response format is incorrect - All the Signature information need to be prefixed with ds.
Is there a way for me to manage/alter this?
Hey @GaxZE, Can you elaborate a bit more on the exact requirement?
From an initial look, this does not seem like it’s feasible to alter the signature of the SAML response. We do however provide ways to change the signing key for SAML responses, but it’s not possible to alter the actual response.
1 Like
Hi @sidharth.chaudhary ,
I’ve been tasked with integrating an SSO integration called Eventsforce. I setup Auth0 application in the documented way and after sending them the debug response XML, they responded that I would need to:
ensure all the Signature information is to be prefixed with ds:
such as:
<ds:Signaturexmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#_348f87fa5fdbcfdba5bb3eea275f96e552af135e65">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>dX7G/cH5j6X9fTR+ytjD07iwSb0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
I am not sure how to go about changing this format from within Auth0.
Hey @GaxZE, Unfortunately, This is something we don’t support at the moment, Please feel free to submit feedback for this to our product team: Auth0: Secure access for everyone. But not just anyone.
1 Like