Error Code Description
The Free version of the plugin does not support encrypted assertion and IDP is sending Encrypted Assertion.
Solution
Please turn off assertion encryption in your IDP to test the SSO flow.
Follow the steps below to resolve the error for the IdPs listed:
- Okta as IdP
- KeyCloak as IdP
Configuration steps for Okta as IdP:
Follow the steps below to resolve the ERROR WPSAMLERR001 for Okta:
- Once you are in the Okta Admin Dashboard, then navigate to the Applications tab and select the application which you have created.
- Select the General tab, scroll down to the SAML Settings and click on Edit.
- Click on Next button.
- Click on the Show Advanced Settings.
- For Assertion Encryption filed, select UnEncryted as the value from the dropdown.
- Click on Next button.
- Click on Finish button.
- Finally, In the WordPress SAML SSO plugin, go to the Service Provider Setup tab of the plugin.
- Click on Test Configuration to check if the ERROR WPSAMLERR001 for Okta has been resolved. If the error is fixed, the test is successful.
Configuration steps for KeyCloak as IdP:
Follow the steps below to resolve the ERROR WPSAMLERR001 for KeyCloak:
- Once you are in the Keycloak Admin console, click on Clients tab from the left menu and then click on the client/application which you have created.
- Then, click on Keys tab.
- Scroll down to the Encryption keys config section (Encrypt assertions toggle might be enabled).
- Disable the Encrypt assertions toggle to test the flow SSO without the Error..
- Finally, In the WordPress SAML SSO plugin, go to the Service Provider Setup tab of the plugin.
- Click on Test Configuration to check if the ERROR WPSAMLERR001 for KeyCloak has been resolved. If the error is fixed, the test is successful.
Feel free to reach us at samlsupport@xecurify.com
