SAML Azure AD B2C - ERROR: Assertion Signature Node Not Found

 

Information

 

Summary:

When using SAML on the LoadMaster with Azure AD B2C, it is common to receive the following error when the SAML response is processed on the LoadMaster: "ERROR: Assertion Signature node not found".

Environment:

Product: LoadMaster

Version: Any

Platform: Azure AD B2C

Application: Any

Question/Problem Description:

This error occurs when the SAML response from Azure AD B2C carries its signature outside of the Assertion node (the security token), a layout that isn't compatible with the LoadMaster. The Assertion itself must be signed by the certificate, and the resulting signature must be placed within the Assertion node in the SAML response, so that the LoadMaster can verify it correctly.
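To confirm which layout Azure AD B2C is sending before changing its configuration, the placement of the signature can be checked on a captured `SAMLResponse` form value. The following is an added example, not Kemp or Microsoft code; the function name `signature_placement` and the two sample responses are constructed for illustration, and the check looks only at where `ds:Signature` sits, not at whether the signature is valid.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def signature_placement(saml_response_b64):
    """Locate ds:Signature elements in a base64 SAMLResponse (HTTP-POST binding).

    Placement check only: no signature is cryptographically validated here.
    """
    xml_text = base64.b64decode(saml_response_b64).decode("utf-8")
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration found; refusing to parse")
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("root element is not samlp:Response")
    assertions = root.findall("saml:Assertion", NS)
    if not assertions:
        raise ValueError("no plaintext saml:Assertion in the response")
    return {
        # Signature as a direct child of Response: covers the whole message.
        "response_signed": root.find("ds:Signature", NS) is not None,
        # Signature as a direct child of every Assertion: the layout the
        # article says the LoadMaster needs.
        "assertion_signed": all(
            a.find("ds:Signature", NS) is not None for a in assertions
        ),
    }

# Constructed samples; the ds:Signature elements are empty stubs.
TEMPLATE = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
    '{resp_sig}<saml:Assertion ID="_a1">'
    '<saml:Issuer>https://idp.example</saml:Issuer>{asrt_sig}'
    '</saml:Assertion></samlp:Response>'
)

def encode(xml_text):
    return base64.b64encode(xml_text.encode("utf-8")).decode("ascii")

RESPONSE_SIGNED_ONLY = encode(TEMPLATE.format(resp_sig="<ds:Signature/>", asrt_sig=""))
ASSERTION_SIGNED = encode(TEMPLATE.format(resp_sig="", asrt_sig="<ds:Signature/>"))
```

A result of `assertion_signed: False` with `response_signed: True` matches the condition described above, where the signature is present but sits outside the Assertion node.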

Steps to Reproduce:

Error Message: ERROR: Assertion Signature Node Not Found

Defect Number:

Enhancement Number:

Cause: Azure AD B2C assertion signature is not inside the Assertion Node.

Resolution:

Workaround: To ensure Azure AD B2C signs the Assertion and places the signature inside the Assertion node within the SAML response, please consult Microsoft support or Microsoft documentation for assistance in configuring this on Azure AD B2C.

Notes:

How to sign Assertion on Azure AD B2C:

https://docs.microsoft.com/en-us/answers/questions/8458/hot-to-sign-assertion-only-azure-ad-b2c-as-idp-usi.html

LoadMaster SAML Deployment Guide:

https://support.kemptechnologies.com/hc/en-us/articles/6600375696909-SAML

