Hi @Harvey Mercado,

OK, I've fully diagnosed what's going on here now. It turns out the spaces / formatting of the certificate is not the issue. Your IDPSSODescriptor has WantAuthnRequestsSigned="false", which is causing Crowdstack to ignore the signing certificate. Then, there is a bug in Crowdstack that is preventing its SAML SP from working properly due to the signing certificate being unspecified, which is the root cause of the errors you're experiencing. We are working on a fix for that issue at the moment.

You have two options:

1. Change your IdP to want signed Authn requests (WantAuthnRequestsSigned="true") and re-import the metadata XML into Crowdstack.
2. Wait until we get a bug fix deployed, which should be some time in the next couple of hours. Once the bug fix is deployed, your current scenario / configuration should work without incident.

Hope this helps! If you have further questions or issues, let me know

Brian

Hi @Harvey Mercado,

The bug fix has been deployed, and the Crowdstack SAML SP metadata XML is now working without issue:

https://manchesterunity.crowdstack.io/saml/metadata

Regards,

Brian

@Brian Lenz Thanks so much for all your help.

But what if I want to change the IDP I set up earlier. I can no longer access the Settings page for me to upload another metadata xml.

I set up single sign on earlier however, I got an error after logging to the idp, please see screenshot below:

So I'm exploring other options and I have another metadata xml that I would like to upload but I couldn't get to the page because of the error above. Appreciate all your patience and help in all these.

Hi @Harvey Mercado,

There's a "backdoor" login form that you can use to sign in as an administrator to your Crowdstack:

https://manchesterunity.crowds...n?showLoginForm=true

You should be able to sign in there with your original Crowdstack email address and password, which should allow you in to the control panel to make further changes to your SSO integration.

Hope that helps!

Brian

Thanks @Brian Lenz.

One more thing, I am trying to upload a new metadata however, I'm getting the error below saying its invalid but cut short of telling me what exactly is invalid with this file and how to address it.

I have attached the new metadata file here, in case you have the chance to check it out.

Thanks again.

Hi @Harvey Mercado,

The issue is that you have duplicate signing keys specified in the XML. You'll need to remove one of them, as it's not valid to have multiple signing keys.

Hope this helps!

Brian