How does Okta use symmetric encryption with SAML?

Loading

Skip to Navigation Skip to Main Content

Search

Search

Select Language

0D51Y0000668rU2SAIOkta Classic EngineIntegrationsAnswered2019-04-01T08:00:44.000Z2019-03-29T11:01:44.000Z2019-04-01T08:00:44.000Z

PaulT.35329 (Customer) asked a question.

Edited March 29, 2019 at 11:16 AM

How does Okta use symmetric encryption with SAML?

I am confused by the SAML encryption settings within Okta.

If I set Assertion Encryption to Encrypted, I have to also set the Encryption Algorithm and the Key Transport Algorithm.

The Encryption Algorithm is symmetric while the Key Transport Algorithm is asymmetric.

Does this mean that a symmetric key is created by Okta, then encrypted using the SP's public key?

If so, why not just encrypt the assertion using the public key?

I could understand it would be more efficient to use symmetric encryption if messages were large or there would be many messages passed back and forth, but I don't see that being the case.

Any help appreciated,

Thanks

florin.tronaru1.510219407797726E12 (Okta, Inc.)
7 years ago
Hi there,

Please email your request to security@okta.com. Thank you for your understanding!
Expand Post

This question is closed.

Recommended content

Forum

Issue with symmetric Encryption (AES-256-CBC/SHA-256 Cards)

Forum

How to encrypt assertions in an Okta SAML IDP app to be decrypted by the external SP

Forum

How does Okta store security questions and responses? Are they encrypted at rest?

Forum

How does Okta OMM secure mobile applications with Okta mobile application?

Loading

How does Okta use symmetric encryption with SAML?