I believe Keycloak is expecting each SAML Request (AuthnRequest) to be signed. The Service Provider does not support signed SAML Requests.
The error I am getting is SigAlg was null
request validation failed: org.keycloak.common.VerificationException: SigAlg was null
2023-06-09 10:57:55,436 WARN [org.keycloak.events] (executor-thread-72) type=LOGIN_ERROR, realmId=d162e9db-f175-47fb-bef4-249f144b453f, clientId=null, userId=null, ipAddress=172.17.0.1, error=invalid_signature
I thought turning off signing for the SAML client would fix this:
But I think this might just relate to the SAML Authentication response, i.e. Assertion.
In the metadata I still see WantAuthnRequestsSigned="false".
I’m using KeyCloak 21.1.1 in Docker.
Any help or pointers would be much appreciated.