SAML users creating with random ID instead of email
Hi Team,
We observed that SAML users are getting created in crx with random IDs instead of email.
If you have a look at above picture, rep:authorizableId, rep:principalName values should be like below.
rep:authorizableId = virat.kohli@gmail.com
rep:principalName = Virat Kohli
But in our case we are seeing these random IDs instead of email id and name. In the saml debug lod we are seeing below log
com.adobe.granite.auth.saml.util.SamlReader Signature verification failed for [samlp:Response: null]. No signature.
any idea why users are getting created with some random ID instead of email and name.
Here is saml config:
# Configuration created by Apache Sling JCR Installer
identitySyncType="default"
service.ranking=I"5002"
idpHttpRedirect=B"false"
createUser=B"true"
defaultRedirectUrl="/"
userIDAttribute="email"
idpIdentifier=""
assertionConsumerServiceURL="https://mysite.com/saml_login"
defaultGroups=["everyone","default"]
storeSAMLResponse=B"true"
signatureMethod="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
idpCertAlias="certalias___1707919654772"
addGroupMemberships=B"true"
path=["/"]
digestMethod="http://www.w3.org/2001/04/xmlenc#sha256"
synchronizeAttributes=["email\=profile/email","First\ Name\=profile/givenName","Last\ Name\=profile/familyName"]
clockTolerance=I"60"
groupMembershipAttribute=""
idpUrl="https://login.microsoftonline.com/huihiawdoijawiojdtest/saml2"
serviceProviderEntityId="tesyt"
handleLogout=B"false"
userIntermediatePath="samlusers"
spPrivateKeyAlias=""
useEncryption=B"false"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
Thanks!!
@Uppari_Ramesh , Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.
