SAML users creating with random ID instead of email

Hi Team, 

 

We observed that SAML users are getting created in CRX with random IDs instead of email.

[Image: Uppari_Ramesh_0-1711092153929.png]

 

If you have a look at the above picture, the rep:authorizableId and rep:principalName values should be like below.

rep:authorizableId = virat.kohli@gmail.com

rep:principalName = Virat Kohli

 

But in our case we are seeing these random IDs instead of the email ID and name. In the SAML debug log we are seeing the below log:

com.adobe.granite.auth.saml.util.SamlReader Signature verification failed for [samlp:Response: null]. No signature.

Any idea why users are getting created with some random ID instead of email and name?

 

Here is the SAML config:

# Configuration created by Apache Sling JCR Installer
identitySyncType="default"
service.ranking=I"5002"
idpHttpRedirect=B"false"
createUser=B"true"
defaultRedirectUrl="/"
userIDAttribute="email"
idpIdentifier=""
assertionConsumerServiceURL="https://mysite.com/saml_login"
defaultGroups=["everyone","default"]
storeSAMLResponse=B"true"
signatureMethod="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
idpCertAlias="certalias___1707919654772"
addGroupMemberships=B"true"
path=["/"]
digestMethod="http://www.w3.org/2001/04/xmlenc#sha256"
synchronizeAttributes=["email\=profile/email","First\ Name\=profile/givenName","Last\ Name\=profile/familyName"]
clockTolerance=I"60"
groupMembershipAttribute=""
idpUrl="https://login.microsoftonline.com/huihiawdoijawiojdtest/saml2"
serviceProviderEntityId="tesyt"
handleLogout=B"false"
userIntermediatePath="samlusers"
spPrivateKeyAlias=""
useEncryption=B"false"
nameIdFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"

 

Thanks!! 

2 Replies

Community Advisor

@Uppari_Ramesh As per the above data, I don't think your IDP is responding with the right information. Your SAML response is matching with your mapping attribute.

 

Please cross check.
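
One way to run the cross-check suggested in the reply above, as an added example (not code from the thread or from Adobe): it reads a decoded SAML response and reports the NameID format, whether a signature element sits on the Response or only on the Assertion, and whether the attribute names the handler config expects (`userIDAttribute`, `synchronizeAttributes`) are actually present. The sample response and its claim URIs are constructed, and `audit` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

# Constructed sample response (not from the thread), reduced to the elements
# this check reads. <ds:Signature/> is an empty placeholder, not a signature.
SAMPLE_RESPONSE = f"""<samlp:Response xmlns:samlp="{NS['samlp']}"
    xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}">
  <saml:Assertion>
    <ds:Signature/>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_constructed-opaque-id</saml:NameID>
    </saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="{CLAIMS}emailaddress">
        <saml:AttributeValue>user@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="{CLAIMS}givenname">
        <saml:AttributeValue>Example</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""

def audit(response_xml, user_id_attribute, synchronize_attributes):
    """Compare what the IdP sent with what the handler config expects.
    Diagnostic only: checks element presence, does not verify any signature."""
    root = ET.fromstring(response_xml)
    assertion = root.find("saml:Assertion", NS)
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    sent = {a.get("Name") for a in
            assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS)}
    # Config entries look like 'First\ Name\=profile/givenName'; keep the left side.
    wanted = [e.replace("\\", "").split("=", 1)[0] for e in synchronize_attributes]
    return {
        "response_signed": root.find("ds:Signature", NS) is not None,
        "assertion_signed": assertion.find("ds:Signature", NS) is not None,
        "name_id_format": name_id.get("Format"),
        "user_id_attribute_present": user_id_attribute in sent,
        "missing_sync_attributes": [w for w in wanted if w not in sent],
        "attributes_sent": sorted(sent),
    }

if __name__ == "__main__":
    sync = [r"email\=profile/email", r"First\ Name\=profile/givenName",
            r"Last\ Name\=profile/familyName"]
    for key, value in audit(SAMPLE_RESPONSE, "email", sync).items():
        print(f"{key}: {value}")
```

Replace `SAMPLE_RESPONSE` with your own base64-decoded response to compare it against the config values posted in the question.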

Community Advisor

@Uppari_Ramesh, did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found a solution yourself, please share it with the community.