Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SMC-IT
New Contributor

SAML Error

Hi All

 

I am trying to configure SAML on me FortiAuth to link to my Jumpcloud account, I've filled out the info on both sides but I am getting the below error on the FortiAuth when a user tries to login.

 

SAML user authentication failed: invalid_response(The Assertion of the Response is not signed and the SP require it) " 

4 REPLIES 4
Faiza_Emam_Delhi
Contributor II

It seems like the error you are receiving is related to the Assertion of the Response not being signed, and the Service Provider (SP) requiring it.

To resolve this issue, you can try to check if the Assertion is signed in the SAML configuration settings on both the FortiAuth and Jumpcloud sides. You may need to enable signing of the Assertion in the SAML configuration settings.

If you are still experiencing issues, you may want to reach out to Fortinet support or Jumpcloud support for further assistance. They may be able to provide more specific guidance on how to resolve this error.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
JulieRamos

I appreciate your help, I will check if the Assertion is signed in the SAML configuration settings on both the FortiAuth and Jumpcloud sides. If still I face any problem, I will message here. :)

While searching for a writing service online, I came across this website, https://studyclerk.com/write-research-paper-for-me which assists me in finishing my homework. Additionally, they work rapidly.
While searching for a writing service online, I came across this website, https://studyclerk.com/write-research-paper-for-me which assists me in finishing my homework. Additionally, they work rapidly.
Faiza_Emam_Delhi

you are encountering an issue with SAML authentication on your FortiAuthenticator device. Specifically, the error message you are seeing ("SAML user authentication failed: invalid_response(The Assertion of the Response is not signed and the SP require it)") indicates that the SAML assertion in the response from Jumpcloud is not signed, but the service provider (SP) on the FortiAuthenticator side requires it to be signed.

Here are some steps you can take to troubleshoot this issue:

1. Check the SAML configuration on both the FortiAuthenticator and Jumpcloud sides to make sure that the settings are correct. Make sure that the SAML endpoints, certificates, and metadata are set up correctly.

2. Verify that the clock settings on both the FortiAuthenticator and Jumpcloud devices are set correctly. If the clocks are out of sync, it can cause issues with SAML authentication.

3. Check that the SAML assertion in the response from Jumpcloud is signed. If it is not signed, you may need to configure Jumpcloud to sign the assertion.

4. If the SAML assertion is signed, check that the signing certificate is trusted on the FortiAuthenticator side. You may need to import the signing certificate into the FortiAuthenticator's certificate store.

5. Consider reaching out to Fortinet support or Jumpcloud support for further assistance. They may be able to provide more specific guidance based on your specific situation.

By following these steps, you can further isolate the issue and determine the root cause of the problem.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
lmarinovic
Staff
Staff

Hello,

 

You can also crosscheck option under SAML setting on the Fortiauthneticator side in Service Provider and then enter your SP and under SP Metadata you have option "SAML request must be signed by SP". You can try to disable this option and see if it fixes the issue.

 

Best regards,

Lazar

Best regards

Lazar Marinovic
Labels
Top Kudoed Authors