Service Provider application unable to read/validate SAML assertion


I have an application developed on the HANA XSA platform that is using the UAA service with authentication federated to an external SAML 2.0 compliant IDP. I created a simple application in my Auth0 dev account with SAML Add-on and configured the Application Callback URL as my service provider’s Assertion Consumption Service URL. When I go to my application, it successfully re-directs to the Auth0 authentication/log-in page where I am able to successfully authenticate via google-auth. However, when the SAML token is POST-ed back to my ACS URL, my UAA service gives an error message saying “Response doesn’t have any valid assertion which would pass subject validation”. I am unable to troubleshoot what is causing this issue.

As for the configuration of the IDP in my service provider, I have followed the same steps as other SAML IDPs I have tried (Okta, OneLogin) and they all work fine to authenticate the user and log in to the application. I am not certain what is different about the SAML configuration in Auth0. Please advise and provide any pointers to help me troubleshoot this.

Thank you!
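
An added troubleshooting aid, not part of the original post and not UAA or Auth0 code: the SAML 2.0 Web Browser SSO profile requires the service provider to find a bearer `SubjectConfirmation` whose `Recipient` equals its ACS URL, whose `NotOnOrAfter` has not passed, and whose `InResponseTo` matches the request it sent. The sketch below runs those checks over a captured base64 `SAMLResponse` and reports which one fails. It assumes the UAA's subject validation follows these profile rules; the URLs, request ID and sample response are constructed placeholders.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Offline inspection aid only: signatures are NOT verified, do not use as a validator.
NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"

def _utc(ts):
    t = datetime.fromisoformat(ts.replace("Z", "+00:00"))  # accept the trailing "Z" form
    return t if t.tzinfo else t.replace(tzinfo=timezone.utc)

def subject_problems(response_b64, acs_url, request_id=None, now=None):
    """Return [] if some bearer SubjectConfirmation passes, else why each one fails."""
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(base64.b64decode(response_b64))
    confs = root.findall(".//a:Assertion/a:Subject/a:SubjectConfirmation", NS)
    if not confs:
        return ["no cleartext SubjectConfirmation (assertion missing or encrypted)"]
    problems = []
    for n, conf in enumerate(confs, 1):
        data = conf.find("a:SubjectConfirmationData", NS)
        attrs = data.attrib if data is not None else {}
        reasons = []
        if conf.get("Method") != BEARER:
            reasons.append(f"Method={conf.get('Method')!r} is not bearer")
        if attrs.get("Recipient") != acs_url:  # exact string match against the SP's ACS URL
            reasons.append(f"Recipient={attrs.get('Recipient')!r} != ACS URL {acs_url!r}")
        expiry = attrs.get("NotOnOrAfter")
        if expiry is None:
            reasons.append("NotOnOrAfter missing")
        elif _utc(expiry) <= now:  # also fails when the SP clock runs ahead of the IdP
            reasons.append(f"NotOnOrAfter={expiry} has passed")
        if request_id is not None and attrs.get("InResponseTo") != request_id:
            reasons.append(f"InResponseTo={attrs.get('InResponseTo')!r} != {request_id!r}")
        if not reasons:
            return []  # one passing confirmation is enough
        problems += [f"SubjectConfirmation #{n}: {r}" for r in reasons]
    return problems

# Constructed sample: Recipient is not the SP's real ACS URL (all values are placeholders).
SAMPLE = base64.b64encode(b"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion><saml:Subject>
  <saml:NameID>user@example.com</saml:NameID>
  <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
  <saml:SubjectConfirmationData Recipient="https://sp.example.com/callback"
    NotOnOrAfter="2030-01-01T00:00:00.000Z" InResponseTo="_req1"/>
  </saml:SubjectConfirmation></saml:Subject></saml:Assertion></samlp:Response>""")
if __name__ == "__main__":
    print(subject_problems(SAMPLE, "https://sp.example.com/saml/SSO", "_req1"))
```

Pass the `SAMLResponse` form field captured from the POST to the ACS URL, the ACS URL exactly as the service provider advertises it, and the ID of the AuthnRequest if one was sent.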

Hey there!

Sorry for such a huge delay in response! We’re doing our best in providing you with the best developer support experience out there, but sometimes our bandwidth is not enough compared to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?