AnsweredAssumed Answered

How do I check for authentic signed response?

Question asked by svvoorn on Apr 25, 2018
Latest reply on Apr 25, 2018 by svvoorn

We send a signed soap message to a remote service and get a #signed response back.

How do I check with the signed response if the signinbg certificate is from a trusted federated Identity provider?

I get the siging certificate from the response and I check if the signature is valid. But I somehow cannot use that variable to authenticate it to a federated identity provider.

See the attached policy part.

 

Someone have any idea?

 

Sebastian van Voorn.

Outcomes