You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
SamlClient.decodeAndValidateSamlResponse() fails if the response doesn't contain NameID. It seems like the field used to be required, but isn't anymore at the moment.
Although most IDPs probably do send it, or should be configurable to, we currently have no way of accepting responses without NameID, and no way of convincing IDPs outside of our control to change this (since they are apparently sending out a compliant response).
Could the requirement be dropped, perhaps in favor of a warning, or otherwise have some option of disabling the requirement?
SamlClient.decodeAndValidateSamlResponse()fails if the response doesn't containNameID. It seems like the field used to be required, but isn't anymore at the moment.Although most IDPs probably do send it, or should be configurable to, we currently have no way of accepting responses without NameID, and no way of convincing IDPs outside of our control to change this (since they are apparently sending out a compliant response).
Could the requirement be dropped, perhaps in favor of a warning, or otherwise have some option of disabling the requirement?
See also this thread: SAML-Toolkits/python-saml#112
The text was updated successfully, but these errors were encountered: