How to add <ds:signature> to the <saml2:Assertion> section?
search cancel

How to add <ds:signature> to the <saml2:Assertion> section?

book

Article ID: 46463

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

When using Create SAML Token assertion, in the SAML Response we require the <ds:signature> to be included in the <saml2:Assertion> section but it only appears in the <samlp2:Response> section.

Environment

Release:
Component: APIGTW

Resolution

On step 10: Digital Signatures of the Create SAML Token assertion wizard there is a check box for “Sign Assertion with an Enveloped Signature”. Checking this box will include the <ds:signature> into the <saml2:Assertion>

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/11-0/policy-assertions/assertion-palette/xml-security-assertions/create-saml-token-assertion.html