Data does not conform to schema error in SAML2 federation when AM (All versions) is federating with a third-party provider

Symptoms

The following error is shown when in the Federation debug log:

The lines preceding this error will give more information on where the issue is occurring, for example:

• Issue with the AuthnRequest: ERROR: UtilProxySAMLAuthenticator.getAuthnRequest: com.sun.identity.saml2.common.SAML2Exception: Data does not conform to schema. at com.sun.identity.saml2.protocol.impl.AuthnRequestImpl.validateSignature(AuthnRequestImpl.java:815) at com.sun.identity.saml2.protocol.impl.AuthnRequestImpl.parseDOMElement(AuthnRequestImpl.java:686) at com.sun.identity.saml2.protocol.impl.AuthnRequestImpl.<init>(AuthnRequestImpl.java:91)
• Issue with the SAMLResponse: ERROR: SPACSUtils.getResponse: Exception when instantiating SAMLResponse: com.sun.identity.saml2.common.SAML2Exception: Data does not conform to schema. at com.sun.identity.saml2.protocol.impl.ResponseImpl.parseElement(ResponseImpl.java:167) at com.sun.identity.saml2.protocol.impl.ResponseImpl.<init>(ResponseImpl.java:294) at com.sun.identity.saml2.protocol.ProtocolFactory.createResponse(ProtocolFactory.java:1419)

Recent Changes

Configured SAML2 federation with a new third-party entity provider.

Updated an existing SAML2 federation with a third-party entity provider.

Causes

The XML received from the third-party entity provider is in violation of the SAML2 XSD schema.

Solution

This is not an issue with AM. This issue can be resolved by contacting your third-party entity provider and requesting they correct the issue(s) causing the schema violation.

You can find more details behind the actual cause by validating the XML yourself using: SAML Developer Tools - Validate XML with the XSD schema. Ensure you select the appropriate schema depending on what is indicated in the debug log. 

See Also

SAML v2.0 Guide

Related Training

N/A

Related Issue Tracker IDs

N/A