SAML SSO invalid thumbprint error

Problem Statement

The login failed for every user on a SAML connection. The log event description shows an “invalid thumbprint” error.

Troubleshooting

Compare the certificate configured on the connection with the IdP's certificate sent in the SAML response. Also check the error details in the HAR file or in the tenant logs with the query:
description:*thumbprint*
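
The comparison described above, as an added example (not Auth0's own code): it pulls the certificate out of a base64 SAMLResponse captured in the HAR file and compares its thumbprint with the certificate configured on the connection. It assumes the thumbprint is the SHA-1 digest of the DER-encoded certificate and that the SAMLResponse value has already been URL-decoded; the function names and the sample certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"

def thumbprint(der):
    # Assumption: thumbprint = SHA-1 over the DER-encoded certificate, hex.
    return hashlib.sha1(der).hexdigest().upper()

def pem_to_der(pem):
    lines = [l.strip() for l in pem.strip().splitlines()]
    return base64.b64decode("".join(l for l in lines if l and not l.startswith("-----")))

def response_thumbprints(saml_response_b64):
    # Every ds:X509Certificate in the response (Response and/or Assertion signature).
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    found = []
    for el in root.iter("{%s}X509Certificate" % DS_NS):
        der = base64.b64decode("".join((el.text or "").split()))
        found.append(thumbprint(der))
    return found

def compare(configured_pem, saml_response_b64):
    configured = thumbprint(pem_to_der(configured_pem))
    sent = response_thumbprints(saml_response_b64)
    return {"configured": configured, "sent": sent, "match": configured in sent}

# --- Constructed sample data: placeholder bytes, not real certificates ---
OLD_DER = b"constructed placeholder for the previous IdP certificate"
NEW_DER = b"constructed placeholder for the current IdP certificate"

def sample_pem(der):
    b64 = base64.b64encode(der).decode()
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % b64

def sample_response(der):
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:ds="%s"><ds:Signature><ds:KeyInfo><ds:X509Data><ds:X509Certificate>'
           '%s</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>'
           '</samlp:Response>') % (DS_NS, base64.b64encode(der).decode())
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    resp = sample_response(NEW_DER)            # IdP now signs with the new cert
    print(compare(sample_pem(OLD_DER), resp))  # stale connection cert: match False
    print(compare(sample_pem(NEW_DER), resp))  # after uploading new cert: match True
```

A `match` of False with a non-empty `sent` list means the connection holds a different certificate from the one the IdP is signing with.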

Cause

The certificates don’t match. Either the IdP changed its certificate or an incorrect certificate was imported into the connection.

Solution

Please coordinate certificate changes with the IdP, as Auth0 only supports a single certificate for a SAML connection.

You can upload the current certificate used by the IdP via the Dashboard (delete the existing certificate, then upload the new one) or the Management API.