Reputation: 391
How to check if the SAML Assertion Response from the IdP reaches the SP in Ping Federate?
The SAML Response will be posted to the following url:
But when I try to hit the url, I am not able to see the response. Anything wrong in my approach?
Thanks & Regards, Aswini J
Upvotes: 0
Views: 688
Answers (1)
Reputation: 4255
A few things assuming you are setting up SAML 2.0 Web SSO Profile -
What do you mean you can't "see" the Response? Are you successfully logging into the IDP and having it redirect the Browser to the PF ACS URL?
With PingFederate, the application and protocol end-points are case sensitive. You should use
http(s)://www.server.com:<PF runtime port>/sp/ACS.saml2. If you simply request this value from your browser with a GET request and no SAML data, PingFed will show you a generic error template page. If you have successfully POST'd the SAMLResponse to the right endpoint, you will see the actual SAMLResponse logged in the /pingfederate/log/server.log.
Upvotes: 3
Related Questions
- Is it possible to tie initial SAML request to the SAML Assertion received from the IDP?
- Configuring SP to send assertions to IDP (PingFederate SAML 2.0)
- PingFederate: Error Signature Required on SP Initiated Login
- Check authenticity of SAML assertion message as SP
- Ping federate as IDp, consuming the SAML 2.0 response in ASP .net web forms
- SAML 2 (Ping Federate) Should the AssertionConsumerServiceURL be accessible by the IdP?
- How to validate whether SAMLv2 response is from IdP?
- PingFederate Parse SAML Assertion
- Sending a SAML assertion from IDP to SP
- SAML 2.0 assertion response URL for Ping Federate 6.1 service provider