Skip to main content
When setting up SAML single-sign on (SSO), you may encounter the following error: Signature validation failed. SAML Response rejected
SAML signature validation error
This indicates one of two things:
  • You may not have entered the certificate correctly in the Semgrep SSO settings. Verify that the signature there matches the one provided by your IdP.
  • Your certificate may have a problem, such as being outside its validity dates. Inspect the signature information for the certificate you uploaded to Semgrep AppSec Platform and ensure it is valid.
If your certificate file is stored as server.crt, you can view the signature information on the command-line using: 
openssl x509 -in server.crt -text -noout
Check information such as:
  • Certificate authority or Issuer
  • Validity dates
  • Signature algorithm and value
Address any problems with the certificate. Then, upload the resulting certificate to Semgrep AppSec Platform:
1
Sign in to Semgrep AppSec Platform.
2
Click Settings > Access > SSO.
3
In the Upload/Paste certificate box, add the correct certificate.
4
Click Save.
After updating the settings, attempt a new SSO login.