DineshRadadiya-2989 asked ·

Decrypt SAML response

If token encryption is activated in Azure Active Directory, then how can we decrypt the SAML response at the client side?

We are able to decrypt the SAML response if token encryption is deactivated, but not able to decrypt it while it is activated.

azure-active-directory

1 Answer

KAREDD-MSFT answered ·

Hi @DineshRadadiya-2989,

When enabling token encryption in the Azure AD portal, you would have to provide the public key of the cert. On the application side, you have to use the private key of the same certificate to decrypt it.

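The flow described in the answer, as an added example that is not part of the original thread and is not Microsoft's code: the identity provider wraps a random AES key with the certificate's public key, and the application unwraps it with the matching private key before decrypting the assertion. It assumes RSA-OAEP (SHA-1) key transport and AES-256-CBC data encryption; `decryptAssertion`, `cipherValue` and `buildSample` are hypothetical names, and the key pair and assertion are constructed sample data.

```javascript
// Added example (not from the thread): decrypting a SAML <EncryptedAssertion>.
// Assumed algorithms: RSA-OAEP with SHA-1 for key transport, AES-256-CBC for the data;
// check the Algorithm attributes of EncryptionMethod in your own response.
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha1' };

// First base64 CipherValue in a fragment (regex for brevity; use an XML parser in production).
function cipherValue(xml) {
  const m = xml.match(/<(?:\w+:)?CipherValue>\s*([^<]+?)\s*<\//);
  if (!m) throw new Error('CipherValue not found');
  return Buffer.from(m[1], 'base64');
}

// Hypothetical helper: unwrap the AES key with the SP private key, then decrypt the data.
function decryptAssertion(xml, privateKeyPem) {
  const keyEl = xml.match(/<(?:\w+:)?EncryptedKey[\s\S]*?<\/(?:\w+:)?EncryptedKey>/);
  if (!keyEl) throw new Error('EncryptedKey not found');
  const aesKey = crypto.privateDecrypt({ key: privateKeyPem, ...OAEP }, cipherValue(keyEl[0]));
  const data = cipherValue(xml.replace(keyEl[0], '')); // IV (16 bytes) || ciphertext
  const d = crypto.createDecipheriv('aes-256-cbc', aesKey, data.subarray(0, 16));
  d.setAutoPadding(false); // XML Encryption padding: only the last byte (length) is defined
  const padded = Buffer.concat([d.update(data.subarray(16)), d.final()]);
  const padLen = padded[padded.length - 1];
  if (!(padLen >= 1 && padLen <= 16)) throw new Error('invalid padding');
  return padded.subarray(0, padded.length - padLen).toString('utf8');
}

// Constructed sample: throwaway key pair plus an assertion encrypted the way an IdP would,
// using only the public key. Namespace declarations are omitted to keep it short.
function buildSample(assertionXml) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const aesKey = crypto.randomBytes(32), iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', aesKey, iv);
  const data = Buffer.concat([iv, c.update(assertionXml, 'utf8'), c.final()]).toString('base64');
  const wrapped = crypto.publicEncrypt({ key: publicKey, ...OAEP }, aesKey).toString('base64');
  const xml = '<saml:EncryptedAssertion><xenc:EncryptedData><ds:KeyInfo><xenc:EncryptedKey>' +
    `<xenc:CipherData><xenc:CipherValue>${wrapped}</xenc:CipherValue></xenc:CipherData>` +
    '</xenc:EncryptedKey></ds:KeyInfo><xenc:CipherData>' +
    `<xenc:CipherValue>${data}</xenc:CipherValue></xenc:CipherData>` +
    '</xenc:EncryptedData></saml:EncryptedAssertion>';
  return { xml, privateKey };
}

const demo = buildSample('<saml:Assertion ID="_constructed">user@example.com</saml:Assertion>');
console.log(decryptAssertion(demo.xml, demo.privateKey));
```

AES-CBC provides no integrity protection, so validate the signature on the response or the decrypted assertion before trusting any of its claims.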