+ Start a Discussion

trouble with SSO

I'm sending some assertions to the recipient url that salesforce told me but it doesn't let me sign on. When I go to the login history, I don't even see any failed attempts. Anything right off the bat that I'm not doing?
Also, are these messages I send to salesforce supposed to be a saml response or a saml assertion. Both ways don't work for me but I'd just like to know. Is Salesforce expecting the x509 certificate in the assertion? In the response I know where to put in the signature tag and so on, but with a normal assertion, I don't know where to put in the certificate.
Thanks in advance.
We are supporting SAML 1.1 browser POST profile.  So you must send SAMLResponse post param.   We don't require a separate signature for SAML assertion but if it's present, we will validate it.  The signature for the SAML Response is mandatory though.  There is no need to include the X509 in the signature.  We will always validate against the one you uploaded in the configuration.

Jong Lee