Unable to consume Security Token Service: RequestType is an unknown value


Article ID: 42908


Products

STARTER PACK-7, CA Rapid App Security, CA API Gateway

Issue/Introduction

The Security Token Service (STS) generates, validates, and maintains security tokens so that external applications can be authenticated and authorized against an identity provider accessible by the Gateway. The STS requires three items in order to issue either a SAML token or a Security Context Token (SCT):

  • An authentication mechanism (e.g., username and password, or client certificates)
  • A specified request type (e.g., Issue, or Cancel)
  • A specified token type to be generated (SAML or SCT)

The request transmitted to the STS must contain all three items. If one or all of them are missing, the request will fail. If one or all of them are malformed, the request will fail. The WSDL for the STS does not include sample elements for the request type and token type because they vary by implementation.

 

Environment

Release:
Component: APIGTW

Resolution

The following error message may be printed in the response message, audit record, or error log when the RequestType element is present but malformed or contains unexpected data:
The RequestType element in the RequestSecurityToken element is an unknown value in the SOAP Body.

If this error occurs then the RequestType element has invalid or malformed data. The acceptable values within this field are currently (as of version 8.1.00):

  1. http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue (for WS-Trust 1.1 and lower)
  2. http://schemas.xmlsoap.org/ws/2005/02/trust/Issue (for WS-Trust 1.2)
  3. http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue (for WS-Trust 1.3 & 1.4)

An example RequestType element should be as follows:
<ns:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</ns:RequestType>

This element should be contained as a child of the RequestSecurityToken element. Adding and properly configuring this element should resolve the issue.
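
A client-side pre-flight check for the conditions described above, as an added example that is not part of the original article or the product: it confirms that RequestType is a direct child of RequestSecurityToken and that its value is one of the three URIs listed. The function name, the sample messages, the namespace bound to the ns prefix, and the exact-match comparison are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Accepted RequestType values, copied from the list in this article (as of 8.1.00).
ACCEPTED_REQUEST_TYPES = {
    "http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue",
    "http://schemas.xmlsoap.org/ws/2005/02/trust/Issue",
    "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue",
}

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def check_request_type(soap_xml):
    """Return a list of RequestType problems; an empty list means the check passed.
    Meant for requests you author yourself, not for parsing untrusted XML."""
    try:
        root = ET.fromstring(soap_xml)
    except ET.ParseError as exc:
        return ["not well-formed XML: %s" % exc]
    # Match on local names so the check works for any WS-Trust namespace version.
    rsts = [e for e in root.iter() if local(e.tag) == "RequestSecurityToken"]
    if not rsts:
        return ["no RequestSecurityToken element found"]
    problems = []
    for rst in rsts:
        # Only direct children count; a RequestType placed elsewhere is ignored.
        children = [c for c in rst if local(c.tag) == "RequestType"]
        if not children:
            problems.append("RequestType is not a child of RequestSecurityToken")
        for rt in children:
            value = rt.text or ""
            if value in ACCEPTED_REQUEST_TYPES:
                continue
            # Assumption: compare exactly; the article does not say whether
            # the Gateway tolerates surrounding whitespace.
            if value.strip() in ACCEPTED_REQUEST_TYPES:
                problems.append("RequestType has surrounding whitespace: %r" % value)
            else:
                problems.append("RequestType is an unknown value: %r" % value)
    return problems

# Constructed sample messages (not captured traffic).
GOOD_RST = """<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:ns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><soapenv:Body>
 <ns:RequestSecurityToken>
  <ns:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</ns:RequestType>
 </ns:RequestSecurityToken></soapenv:Body></soapenv:Envelope>"""
BAD_RST = GOOD_RST.replace("http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", "Issue")

if __name__ == "__main__":
    print(check_request_type(GOOD_RST), check_request_type(BAD_RST))
```

Running the check on a request before sending it to the STS separates a missing or misplaced element from a bad value, which the single Gateway error message does not distinguish.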