Handling SAML-message failed: Neither the SAML Response nor the Assertion have a valid signature

Problem:

The SAML SSO app for Atlassian Data Center or Server stops working while configured with AD FS. The following error is thrown:

Handling SAML-message failed: Neither the SAML Response nor the Assertion have a valid signature.
com.resolution.samlwrapper.api.exception.MessageReadingException: 
Neither the SAML Response nor the Assertion have a valid signature.

Solution:

This message usually occurs if the certificate on ADFS has been renewed but not updated in the plugin.

To fix this:

Go to the SAML Single Sign On for Atlassian Data Center or Server configuration page
Click on the Identity Providers tab
Click the Load button next to the Metadata URL field
Save the configuration - this reloads the metadata and thus the new certificate

If you have configured the Metadata by pasting the XML:

Update the XML in the field
Click Load
Save the configuration

To fix this for the long term, please mark the checkbox Automatic reload (directly below the metadata URL), then our plugin automatically downloads the metadata every 24 hours.

That would prevent the issue to re-occur if the certificate got changed.

Problem:

Solution:

SAML Single Sign-On is available for Atlassian Server & Atlassian Data Center products. Our Jira Data Center, Confluence Data Center, Bitbucket Data Center, Jira Server, Confluence Server, Bitbucket Server and other apps are all available on the Atlassian Marketplace.

SAML Single Sign-On is available for Atlassian Server & Atlassian Data Center products.

Our Jira Data Center, Confluence Data Center, Bitbucket Data Center, Jira Server, Confluence Server, Bitbucket Server and other apps are all available on the Atlassian Marketplace.