AnshuK.96543 (Customer) asked a question.
How to validate signature in SAML Response from Okta to SP?
How to validate signature in SAML Response from Okta to SP? Do we need validate signature using the idp certificate?
- gabriel.sroka1.4374539321839353E12 (Okta, Inc.)Hi AnshuYes, you need the IdP's certificate.Are you writing your own SP? Most SPs or SAML libraries come with functionality to do this, and I strongly suggest using one because it can be tricky to get it right yourself. Thanks.Expand Post
- gabriel.sroka1.4374539321839353E12 (Okta, Inc.)Hi AnshuYes, you need the IdP's certificate.Are you writing your own SP? Most SPs or SAML libraries come with functionality to do this, and I strongly suggest using one because it can be tricky to get it right yourself. Thanks.Expand Post
- AnshuK.96543 (Customer)We are using Guidewire as SP. For validation of signature it is expecting idp's public and private key.How do we get both idp's keys? Is this avalible in the idp's certificate? BasicCredential basic = new BasicCredential()basic.setPublicKey(publicKey)basic.setPrivateKey(privateKey)var sigValidator = new SignatureValidator(basic)Expand Post
- gabriel.sroka1.4374539321839353E12 (Okta, Inc.)Hi AnshuA private key belongs to the entity that created it and no one else (that's why it's "private"). The public key, on the other hand, can be shared with anyone. So, Okta's private is internal to Okta, no one else can see it.Furthermore, to verify a signature only requires a public key (not a private key).Can you post URLs for Guidewire and/or the code you listed above?Expand Post
This question is closed.
