The assertion does not ask for a private key because it assumes there is one in the private keystore. What error are you getting? Can you post policy here?
------------------------------
Jay MacDonald - Adoption Architect - Broadcom API Management (Layer 7)
------------------------------
Original Message:
Sent: 06-25-2020 08:33 AM
From: Akshat Aranya
Subject: Decrypt SAML Response
We have a requirement where layer7 is acting as service provider and we get a SAMLresponse which is signed by IDP certificate and assertion part of SAMLresponse is encrypted using SPs digital cert, I want to understand how can I decrypt this SAML response for processing in layer7,Ii was able to validate the signature but stuck in how to decrypt this samlResponse. The NonSoap Decrypt element doesnt asks for private key. Please suggest