Problem Statement
When trying to log in using an ADFS as a SAML connection, login errors out with the following error: “No AssertionConsumerService is configured on the relying party trust ‘…’ that matches the AssertionConsumerService ProtocolBinding ‘urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect’ specified by the request”.
Step to Reproduce
- Create an ADFS as a SAML connection
- Enable the Sign Request toggle with protocol binding set to HTTP-Redirect
- Download the certificate
- Return to ADFS and load the downloaded certificate using the Signatures tab of the Relying Party properties dialog
- Try to login
Cause
The signed request is sent using REDIRECT. And ADFS is unable to accept it. REDIRECT causes the request to be in the URL.
Solution
On the Auth0 dashboard, go to Enterprise → SAML → Under setting page, update Protocal Binding to HTTP-POST.