Data does not conform to schema error in SAML2 federation when AM (All versions) is federating with a third-party provider
The purpose of this article is to provide assistance if you see a "Data does not conform to schema" error when AM is federating with a third-party entity provider. AM can be either the hosted Identity provider (IdP) or hosted Service Provider (SP).
Symptoms
The following error is shown when in the Federation debug log:
com.sun.identity.saml2.common.SAML2Exception: Data does not conform to schema.The lines preceding this error will give more information on where the issue is occurring, for example:
- Issue with the AuthnRequest: ERROR: UtilProxySAMLAuthenticator.getAuthnRequest: com.sun.identity.saml2.common.SAML2Exception: Data does not conform to schema. at com.sun.identity.saml2.protocol.impl.AuthnRequestImpl.validateSignature(AuthnRequestImpl.java:815) at com.sun.identity.saml2.protocol.impl.AuthnRequestImpl.parseDOMElement(AuthnRequestImpl.java:686) at com.sun.identity.saml2.protocol.impl.AuthnRequestImpl.<init>(AuthnRequestImpl.java:91)
- Issue with the SAMLResponse: ERROR: SPACSUtils.getResponse: Exception when instantiating SAMLResponse: com.sun.identity.saml2.common.SAML2Exception: Data does not conform to schema. at com.sun.identity.saml2.protocol.impl.ResponseImpl.parseElement(ResponseImpl.java:167) at com.sun.identity.saml2.protocol.impl.ResponseImpl.<init>(ResponseImpl.java:294) at com.sun.identity.saml2.protocol.ProtocolFactory.createResponse(ProtocolFactory.java:1419)
Recent Changes
Configured SAML2 federation with a new third-party entity provider.
Updated an existing SAML2 federation with a third-party entity provider.
Causes
The XML received from the third-party entity provider is in violation of the SAML2 XSD schema.
Solution
This is not an issue with AM. This issue can be resolved by contacting your third-party entity provider and requesting they correct the issue(s) causing the schema violation.
You can find more details behind the actual cause by validating the XML yourself using: SAML Developer Tools - Validate XML with the XSD schema. Ensure you select the appropriate schema depending on what is indicated in the debug log.
See Also
Related Training
N/A
Related Issue Tracker IDs
N/A