SAML: invalid response / Signature validation failed. SAML Response rejected

2 users found this article helpful

Applies to:
- Parallels Secure Workspace
Last Review: Nov 28, 2023
Available Translations:
Get updates Download

Symptoms

In the HTTP network requests in the front end, a call to https://<workspace_env>/api/saml returns an error 500 with this JSON response:

{"error": "Signature validation failed. SAML Response rejected"}

In log files, this can be seen:

2022-12-08 10:23:30.267205+00:00 awnode01 awingu-api.service[/opt/awingu/awingu-core/virtualenv/bin/gunicorn:9359]: Encountered errors during SAML authentication: ['invalid_response']

Cause

The federation metadata XML is incorrect.

This could simply be wrong, or the federation metadata may have become outdated.

Resolution

When pointing to a federation metadata XML: Make sure Parallels Secure Workspace can connect to the specified host ( for example: login.microsoftonline.com - port 443 ).
When importing a federation metadata XML file: Make sure it's the latest version.

Mind that federation metadata may change over time. For this purpose, it's recommended to point to a URL from which Parallels Secure Workspace can fetch the federation metadata XML.

Was this article helpful?

Tell us how we can improve it.