Reputation: 83
SAML extension grant type configuration of wso2 api manager
I'm configuring SAML SSO and saml to oauth2 bearer token exchange on wso2 products. A wso2 identity server instance for the idp and same instance configured as the service provider for SSO. And another wso2 api manager instance for the saml2 to oauth2 bearer token exchange.
I'm getting following error when POST to the https://wso2amsrv.com:9463/oauth2/token. ERROR - SAML2BearerGrantHandler Error in constructing XML Object from the encoded String
- Not sure the configuration is correct
- What is the encoding for the saml assertion? URL encoding or base64 encoding?
Upvotes: 1
Views: 363
Answers (1)
Reputation: 5821
Configurations does not seems be much correct. SAML2 Assertion is a XML. When you are calling the /token endpoint, SAML2 Assertion must be base64 url encoded. It is great, if you can go through this to understand how you can properly setup to grant an access token with SAML2 bearer assertion profile.
Upvotes: 2
Related Questions
- Configuring WSO2 IS as a key manager
- Unable to configure SAML2 Web SSO Configuration under Service Providers in WSO2 API Manager 3.0.0
- WSO2 SAML api authentication
- Custom grant type in WSO2 IS 5.2.0
- WSO2AM - SAML - Provided Authorization Grant is invalid
- Grant types in WSO2 API store
- WSO2 API Manager 2.0 User Class extension
- How to configure WSO2 API Manager to an external Identity Provider?
- WSO2 Identity Server - Customize SAMLSSOAuthenticator
- WSO2 Identity Server obtain SAML token for rest call