The #1 rule

"We take security seriously" or "we take your privacy and security seriously" is what you hear from every company that offers some kind of service on the internet. It is what customers want to hear, what shareholders want to hear, and of course, what employees want to hear. After all, Read more…

Troubleshooting – Recipient in SubjectConfirmationData is invalid

Scenario: A user authenticated against the SAML 2.0 IdP. The OAuth client is sending the SAML 2.0 Response containing the user assertions to the NetWeaver ABAP system. An error of type invalid grant is returned.

Error message: { "error": "invalid_grant", "error_description": "Provided authorization grant is invalid. Exception was Attribute 'Recipient' of element 'SubjectConfirmationData' is invalid. For more information, consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545" }

Root cause: The OAuth client is sending the SAML Read more…

Troubleshooting – Access token not issued due to missing signing of Message Assertion

Scenario: You send a SAML Bearer Assertion to the OAuth token service of SAP Gateway. The return type is 400 Bad Request.

Error message: { "error": "invalid_grant", "error_description": "Provided authorization grant is invalid. Exception was Message Assertion is not signed. For more information, consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545" }

Root cause: The error message contains a description of the root cause for the HTTP 400: "Exception was Message Assertion is not Read more…