Required parameters are missing in SAML request

sumit_infotrust · 2 weeks ago

Getting the following error from netskope on submitting Rpaas authentication.

I can see that SAML auth is a success and correct parameters are being passed

Required parameters are missing in SAML request.

Please contact your admin for assistance.

Error code - 0x0008301

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                ID="_34c3170d-c2d5-4641-a500-efff1156aab1"
                Version="2.0"
                IssueInstant="2023-05-19T23:49:59.463Z"
                Destination="https://saml-infotrust.goskope.com/saml2/http-post/sso/y27jeqzXClz3pXsFW9HY/2"
                >
    <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://sts.windows.net/3e1da75a-6547-480c-900d-575bebac3e46/</Issuer>
    <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
    </samlp:Status>
    <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
               ID="_639c9f25-3406-40af-bd4c-e43213da3d00"
               IssueInstant="2023-05-19T23:49:59.453Z"
               Version="2.0"
               >
        <Issuer>https://sts.windows.net/3e1da75a-6547-480c-900d-575bebac3e46/</Issuer>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
            <SignedInfo>
                <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
                <Reference URI="#_639c9f25-3406-40af-bd4c-e43213da3d00">
                    <Transforms>
                        <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                    </Transforms>
                    <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                    <DigestValue>UzMGZT1BfQeDMQ+gg8XJFsssbmKp4ljOZxaFXU4hQn8=</DigestValue>
                </Reference>
            </SignedInfo>
            <SignatureValue>U+ScZnsV4xm800XIN/DF/UigFiORk6w9xA7C7a2tYZdp7T+RCLib4Ek99pQ3mRp/+PqFfkeq7xpwY1c8oy17zppi7I1ixNs6h5XCIlEBTzzF4JAE13urKVBIHpJvw1XyNlUEzwEV+P9nuOL4/9PD2gsQU0nMdKjbHzXXmM0TzjxIV3wkUkRB+TayBGbkIImvkXTEwlQ7aKuiwcmKrpU1BDRGZ1AY1NsWn2lL5qOskWp3cWSWIPj+YiIMaf9eq7aj8/c7BgC+DnEZgP0gUhYx01zgUIMzBQEq7smeOqbgJRMEg0JyFxJDe5yzKHpaJHUF3Azo5GUO6kXUYEmiOY85cA==</SignatureValue>
            <KeyInfo>
                <X509Data>
                    <X509Certificate>MIIC8DCCAdigAwIBAgIQM/S0MRBd3KdJoC1/ZzUbAzANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0yMzA1MTgyMzQ1NDNaFw0yNjA1MTgyMzQ1NDNaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytneccCv9UN5CHD3ksUK5Ayx03cBJtuqQvSw+u2j898e5o/RTGrNmmwsg0Mvc/JHDwDyFojFCvIgYyoa7k7h5dnlyHmm/f81DTAxQoLIu2purlDxvyo0vlpljLovZuUQVAwrt8ZDaRic380hbP8Qa8y4z3PdEr1hOWs+nGA40zOgnGiBJPTyyT9M1VpuUQ6TVtA5Yiw5UCUl897rJ2aMvxWQwO6cFP5KDbhrOS+Na3G8N9iNugaKhjofdmAZvKhvBRTHejaW8XA1XUQPtZ8GYEIf82CU3Tr+cWTsswn3/9OQY+GuPOrT85jc05flKTURux+Gy3VZ2iJEhxM47GvSiQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAkF0B9yG8hyPgkVzCPB1i+4jEl3Qn1PVbaNJ7iwXcnwCsy8+6trNArr7Su5YDwXXqOeYPkxmA1u7GIDShGiuK+5YQ8CRoWR9Xfyu4TAaV69fK4IiufMSfTwZG2OPVenW1yUAw5Uus95esnC7NExWWi3Ybqhr/XEumKozxLeu3UOSddLMinhGuKDe/wzDS+408eVTG319YXiDhpEbWEhdiWWTklTgxKb5IqWkehj1BkW/2hwbMemFT/g9LU4+3Wqg8D32B+KUWp/2ariolxmHEDqtGgU3xnKR1H6ZR+wEsxDjXECKeVWhTNMZBW9WnAZf8MDjWy5/L6bLhguBAqfH7z</X509Certificate>
                </X509Data>
            </KeyInfo>
        </Signature>
        <Subject>
            <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">sumit.singh@validatenow.tech</NameID>
            <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <SubjectConfirmationData NotOnOrAfter="2023-05-20T00:49:59.269Z"
                                         Recipient="https://saml-infotrust.goskope.com/saml2/http-post/sso/y27jeqzXClz3pXsFW9HY/2"
                                         />
            </SubjectConfirmation>
        </Subject>
        <Conditions NotBefore="2023-05-19T23:44:59.269Z"
                    NotOnOrAfter="2023-05-20T00:49:59.269Z"
                    >
            <AudienceRestriction>
                <Audience>y27jeqzXClz3pXsFW9HY</Audience>
            </AudienceRestriction>
        </Conditions>
        <AttributeStatement>
            <Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid">
                <AttributeValue>3e1da75a-6547-480c-900d-575bebac3e46</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier">
                <AttributeValue>ae1fb61f-8540-4606-9a9a-08847331ed51</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.microsoft.com/identity/claims/displayname">
                <AttributeValue>Sumit Singh</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider">
                <AttributeValue>https://sts.windows.net/3e1da75a-6547-480c-900d-575bebac3e46/</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences">
                <AttributeValue>http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</AttributeValue>
                <AttributeValue>http://schemas.microsoft.com/claims/multipleauthn</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
                <AttributeValue>Sumit</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
                <AttributeValue>Singh</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
                <AttributeValue>sumit.singh@validatenow.tech</AttributeValue>
            </Attribute>
            <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
                <AttributeValue>sumit.singh@validatenow.tech</AttributeValue>
            </Attribute>
        </AttributeStatement>
        <AuthnStatement AuthnInstant="2023-05-19T23:49:34.521Z"
                        SessionIndex="_639c9f25-3406-40af-bd4c-e43213da3d00"
                        >
            <AuthnContext>
                <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef>
            </AuthnContext>
        </AuthnStatement>
    </Assertion>
</samlp:Response>