You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, there doesn't seem to be a way to directly perform validation using saml2, so we have to parse the XML response ourselves and perform the check separately. This is fine, except in the case when the assertion is encrypted, which forces us to make another operationally costly decryption (one by saml2 and one by us).
Would it be possible to have saml2 either return the decrypted assertion or explicitly validate the name ID during validation?
The text was updated successfully, but these errors were encountered:
Our team needs to be able to validate the nameID format of the SAML response assertion.
Currently, there doesn't seem to be a way to directly perform validation using saml2, so we have to parse the XML response ourselves and perform the check separately. This is fine, except in the case when the assertion is encrypted, which forces us to make another operationally costly decryption (one by saml2 and one by us).
Would it be possible to have saml2 either return the decrypted assertion or explicitly validate the name ID during validation?
The text was updated successfully, but these errors were encountered: