SAML integration fails with U00045014 Failed to decrypt EncryptedData


Article ID: 276735


Updated On:


CA Automic Workload Automation - Automation Engine


When the SAML Response is encrypted, the SAML integration fails with "Error decrypting encrypted key":

20230829/114021.393 - 66     U00045325 SAML-Token als '<samlp:Response>' erhalten
20230829/114021.433 - 66               Error decrypting encrypted key
20230829/114021.434 - 66               Failed to decrypt EncryptedKey, valid decryption key could not be resolved
20230829/114021.435 - 66               Failed to decrypt EncryptedData using either EncryptedData KeyInfoCredentialResolver or EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver
20230829/114021.436 - 66               SAML Decrypter encountered an error decrypting element content
20230829/114021.437 - 66     U00045014 Ausnahme ' "Failed to decrypt EncryptedData"' in ''.



Version: All

Component: Automic Automation

Context: SAML integration


The feature WantSAMLResponseSigned=true is not supported in Automic.


Please ask your Identity Provider (IdP) to disable the feature WantSAMLResponseSigned=true in SAML.

Additional Information

Support for encrypted SAML assertions was never in scope and was not implemented.
Because all Identity Providers use HTTPS (encryption) to transfer the SAML login data, this is considered to provide enough security.
If you need this feature, please open a feature request via the Ideas section in the communities.
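
To confirm what the IdP is actually sending before requesting a change, the following added example (not part of the original article and not Automic code) decodes a base64 SAMLResponse form value and reports whether it carries an EncryptedAssertion or signatures. The function name and both sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}


def inspect_saml_response(b64_response):
    """Describe signing/encryption structure of a base64 SAMLResponse (HTTP-POST binding)."""
    xml_bytes = base64.b64decode(b64_response)
    # A SAML message never needs a DTD; refusing one avoids entity expansion.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD found in SAML message")
    root = ET.fromstring(xml_bytes)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a samlp:Response: " + root.tag)
    plain = root.findall("saml:Assertion", NS)
    return {
        "response_signed": root.find("ds:Signature", NS) is not None,
        "plain_assertions": len(plain),
        "signed_assertions": sum(a.find("ds:Signature", NS) is not None for a in plain),
        # Encrypted assertions are what the article says Automic does not support.
        "encrypted_assertions": len(root.findall("saml:EncryptedAssertion", NS)),
        "encrypted_keys": len(root.findall(".//xenc:EncryptedKey", NS)),
    }


# Constructed sample messages (not captured traffic); cipher values are placeholders.
_HEAD = "<samlp:Response " + " ".join('xmlns:%s="%s"' % kv for kv in NS.items()) + ">"
_CIPHER = "<xenc:CipherData><xenc:CipherValue>UExBQ0VIT0xERVI=</xenc:CipherValue></xenc:CipherData>"
ENCRYPTED_SAMPLE = base64.b64encode((
    _HEAD + "<saml:EncryptedAssertion><xenc:EncryptedData><ds:KeyInfo>"
    "<xenc:EncryptedKey>" + _CIPHER + "</xenc:EncryptedKey></ds:KeyInfo>" + _CIPHER +
    "</xenc:EncryptedData></saml:EncryptedAssertion></samlp:Response>").encode()).decode()
PLAIN_SAMPLE = base64.b64encode((
    _HEAD + "<ds:Signature/><saml:Assertion><saml:Issuer>idp.example</saml:Issuer>"
    "</saml:Assertion></samlp:Response>").encode()).decode()

if __name__ == "__main__":
    for name, sample in (("encrypted", ENCRYPTED_SAMPLE), ("plain", PLAIN_SAMPLE)):
        print(name, inspect_saml_response(sample))
```

A non-zero `encrypted_assertions` count matches the log excerpt above; a value copied from a browser form post may need URL-decoding before it is passed in.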