Access denied using Samly with Jumpcloud

Hello Everyone,
I’m trying to use samly with Jumpcloud as an IdP. After I linked the two platform (The backoffice and Jumpcloud) I got an access_denied {:envelope, {:error, :no_signature}} error back from Assertion Consume Service endpoint http://localhost:4000/sso/sp/consume/my-idp, did someone faced this issue before and can help with guidance.

# Samly configs
config :samly, Samly.State,
  store: Samly.State.Session,
  opts: [key: :jumpcloud_state_session]

config :samly, Samly.Provider,
  idp_id_from: :path_segment,
  service_providers: [
      id: "my-sp",
      entity_id: "my-idp",
      certfile: "priv/cert/selfsigned.pem",
      keyfile: "priv/cert/selfsigned_key.pem"
  identity_providers: [
      id: "my-idp",
      base_url: "http://localhost:4000/sso",
      sp_id: "my-sp",
      metadata_file: "JumpCloud-saml2-metadata.xml",
      allow_idp_initiated_flow: true,
      use_redirect_for_req: false,
      sign_requests: true,
      sign_metadata: true,
      signed_assertion_in_resp: true,
      signed_envelopes_in_resp: true,
      nameid_format: :transient

I couldn’t find a clear statement on Jumpcloud’s site whether this should be true or false, but the error message suggests it should be false.

1 Like