My Oracle Support Banner

IDCS: Palo Alto SAML integration cannot open SignIn page in Unix/Android devices (Doc ID 2878794.1)

Last updated on JUNE 27, 2022

Applies to:

Identity Cloud Service (IDCS) - Version N/A to N/A
Information in this document applies to any platform.

Symptoms

I have a SAML issue, noting that the provided certificate has failed and users are unable to login with the SAML because of that.
This is the error i get: Failed to validate the signature in IdP certificate "crt.OCI-SAML-IDP.shared" of entity Id "https://idcs-GUID.identity.oraclecloud.com:443/fed"


The above SAML error only impacts Linux and Unix devices connecting through Global Protect application in Palo Alto.

Linux and Android devices do not display the sign in page for IDCS. Other device types (Windows / Apple) are working despite the above error showing when committing the changes in Palo Alto VPN.

 

Changes

 Palo Alto Embedded App browser cannot open IDCS sign in page libraries. In IDCS, these load with successful responses.

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.