We send a signed soap message to a remote service and get a #signed response back.
How do I check with the signed response if the signinbg certificate is from a trusted federated Identity provider?
I get the siging certificate from the response and I check if the signature is valid. But I somehow cannot use that variable to authenticate it to a federated identity provider.
See the attached policy part.
Someone have any idea?
Sebastian van Voorn.
Hi Sebastian, did you try your use case with this assertion Require Signed Element Assertion - CA API Gateway - 9.3 - CA Technologies Documentation
Yes I did and I allso got credentials from it using Retreive credentials from Contect variable. But I didn't manage to use that to authenticate to an identity provider.
Or is it implicitly done?