We send a signed soap message to a remote service and get a #signed response back.
How do I check with the signed response if the signinbg certificate is from a trusted federated Identity provider?
I get the siging certificate from the response and I check if the signature is valid. But I somehow cannot use that variable to authenticate it to a federated identity provider.
See the attached policy part.
Someone have any idea?
Sebastian van Voorn.