SSO: No Access Because Client's SAML Assertion Has No X.509 Signing Certificate
(Doc ID 2209527.1)
Last updated on JANUARY 22, 2020
Applies to:Oracle Taleo Platform Cloud Service - SmartOrg (Central Configuration) - Version 15A and later
Information in this document applies to any platform.
Access to zone via SSO does not work. Investigations of logs and traces show the following error related to the SAML assertion that was received into Taleo:
A Fiddler trace shows that the SAML assertion from the client's system is using a x509 certificate for the signing that is different than the client 'standalone' certificate installed in the relevant Taleo zone.
Earlier the client's "IDP" (Identity Provider) standalone certificate was uploaded to the zone and verified by customer as the one their system was going to use for signing SAML assertions submitted to Taleo.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document