can getting a "The Issuer in the SAML response did not match the Issuer configured for the Identity Provider." error be caused by certificate expired?

Loading

Skip to Navigation Skip to Main Content

Search

Search

Select Language

0D51Y00009Y1nyHSAROkta Classic EngineAdministrationAnswered2025-03-21T09:00:42.000Z2020-09-30T15:46:56.000Z2020-10-07T22:22:54.000Z

a29jw (a29jw) asked a question.

September 30, 2020 at 3:46 PM

can getting a "The Issuer in the SAML response did not match the Issuer configured for the Identity Provider." error be caused by certificate expired?

we are setting up and IDP, we exchanged the "IdP Issuer URI", "IdP Single Sign-On URL" and the certificate. the certificate has expired, it still lets me save the IDP.

then trying to use it for federated login, we get this error:

"Unable to validate incoming SAML Assertion"

"The Issuer in the SAML response did not match the Issuer configured for the Identity Provider."

any help?

tn1be likes this.

User15906061750448019479 (Vendor Management)
6 years ago
Hi Tomer,

Invalid issuer in the Assertion/Response suggests that the issuer value in the SAML assertion does not match the entity ID.
To further investigate this issue, please open a new ticket at Okta Support and our engineering team will gladly provide you assistance.

Thank You,

Eusebiu Anani
Technical Support Engineer
Okta Global Customer Care
Expand Post

This question is closed.

Recommended content

Forum

Way to view which Identity Provider's certificates are going to expire soon?

Forum

ErrorMessage: The digital signature in the SAML response did not validate with the Identity Provider's certificate

Forum

SSO not sucesfully ,we are getting the error : Issuer does not match

Forum

IDP certificate expired but still Authentication works

Loading

can getting a "The Issuer in the SAML response did not match the Issuer configured for the Identity Provider." error be caused by certificate expired?