[ACCESS-1213] Sign SAML Requests - Create and track feature requests for Atlassian products.

Type: Suggestion
Resolution: Unresolved
Component/s: IdP SSO - Initial Setup
Labels:
None

Support reference count:
23
Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Problem Summary:

Although the official SAML standards do not require it, many IdPs require a signed AuthNRequest for security reasons.

Thereby, authentication requests to IdPs that require the signature will fail with this error:

ERROR [http-nio-8017-exec-11] [onelogin.saml2.authn.SamlResponse] isValid The status code of the Response was not Success, was urn:oasis:names:tc:SAML:2.0:status:Requester -> Signature required

Customers cannot integrate such IDPs with Atlassian Cloud as the request always fails unless they tweak the IDP logic to not check for signed SAML requests.

Solution:
Optionally provided an SP SAML certificate to the IDPs that need the SAML requests to be signed

is duplicated by

ACCESS-1231 Support signed SAML requests

Closed

is related to

ACCESS-761 Support encrypted SAML assertions

Gathering Interest

blocks: ACE-8120 Loading...

is addressed by: ENT-828 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(10 mentioned in)

Assignee:: Sudesh Peram

Reporter:: Ulka

Votes:: 35 Vote for this issue

Watchers:: 39 Start watching this issue

Created:: 16/Feb/2022 10:01 AM

Updated:: 09/May/2025 4:00 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates