
Request was from an untrusted provider NAM

Hi, I'm trying to set up SSO SAML from Keycloak and NAM. In my Keycloak admin console I have imported the metadata.xml of the NAM related environment (given to me by my organization) and I have set all the fields and stuff needed to connect my Keycloak client with the NAM IdP. I have downloaded the sp-metadata.xml.

On the NAM side my colleague has created a service application with my Keycloak URL and name, and he added my sp.metadata.xml for connecting the Keycloak client with the NAM IdP.

Now, when I try to log in to my application I'm able to insert credentials into the Keycloak login page, but when I click on the "Login" button I'm redirected to a page of my organization with this error message: "Request was from an untrusted provider" (pic for better understanding).

I have created a new Docker container with cert.pem and key.pem taken from the keystore.jks of the organization, but the error is still here.

I don't know if the problem is from my Keycloak client or the NAM IdP.

I hope my question is clear, thanks for the help

Labels:

Access Manager

    Hi!

    NAM reports this error when the configuration in NAM is not in line with the SAML request sent from the Service Provider (Keycloak in your example).

    To help you further with troubleshooting, you would need to:

    • send the actual SAML request (you can install a browser plugin like SAML-tracer)
    • show us how NAM is configured (e.g. a screenshot of the metadata tab when looking at the service provider configuration)

    Kind regards,

    Sebastijan
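
One way to run the comparison the reply above asks for, as an added example that is not part of the thread and is not Keycloak or NAM code: it decodes a captured SAMLRequest value (as SAML-tracer shows it) and checks its Issuer and AssertionConsumerServiceURL against the SP metadata that was handed to the NAM team. The hosts, realm, function names and sample XML are constructed, and treating these two fields as the ones NAM compares is an assumption the thread does not confirm.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "md": "urn:oasis:names:tc:SAML:2.0:metadata"}

def decode_saml_request(value):
    """Decode a SAMLRequest parameter value (already URL-decoded)."""
    raw = base64.b64decode(value)
    if not raw.startswith(b"<"):  # HTTP-POST binding is base64 only
        raw = zlib.decompress(raw, -15)  # HTTP-Redirect adds raw DEFLATE
    return ET.fromstring(raw)

def find_mismatches(request, sp_metadata_xml):
    """Compare what the SP sent with the SP metadata the IdP was given."""
    md = ET.fromstring(sp_metadata_xml)
    entity_id = md.get("entityID")
    issuer = request.findtext("saml:Issuer", default="", namespaces=NS).strip()
    acs_sent = request.get("AssertionConsumerServiceURL")
    acs_known = {e.get("Location") for e in md.iterfind(".//md:AssertionConsumerService", NS)}
    problems = []
    if issuer != entity_id:  # compared as exact strings, so case matters
        problems.append(f"Issuer {issuer!r} != entityID {entity_id!r}")
    if acs_sent and acs_sent not in acs_known:
        problems.append(f"ACS URL {acs_sent!r} not listed in metadata")
    return problems

# Constructed sample data (hypothetical hosts and realm, not from the thread).
SAMPLE_REQUEST = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" Version="2.0" '
    'AssertionConsumerServiceURL="https://kc.example.test/realms/demo/broker/nam/endpoint">'
    '<saml:Issuer>https://kc.example.test/realms/demo</saml:Issuer></samlp:AuthnRequest>')
SAMPLE_METADATA = (
    '<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
    'entityID="https://kc.example.test/realms/Demo"><md:SPSSODescriptor '
    'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
    '<md:AssertionConsumerService index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" '
    'Location="https://kc.example.test/realms/demo/broker/nam/endpoint"/>'
    '</md:SPSSODescriptor></md:EntityDescriptor>')

def encode_redirect(xml_text):
    """Build a Redirect-binding value from XML, to exercise the decoder."""
    comp = zlib.compressobj(wbits=-15)
    return base64.b64encode(comp.compress(xml_text.encode()) + comp.flush()).decode()

if __name__ == "__main__":
    req = decode_saml_request(encode_redirect(SAMPLE_REQUEST))
    print(find_mismatches(req, SAMPLE_METADATA) or "request matches metadata")
```

In the constructed sample the metadata entityID differs from the Issuer only in the case of the realm name, which is enough for the two to count as different providers.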


    Hi Sebastijan, thanks for the answer. I have installed SAML-tracer and I will put the request here.

    For the NAM side I don't know if I can get a screenshot because it is managed by another team.

    I will update my answer with SAML request when I can try again, thanks!!