

Encrypt and Decrypt the Assertion

For added security, you can encrypt the assertion. Encryption is an optional task that can be performed after you have configured a basic single sign-on network.

The Identity Provider encrypts the assertion with the public key that corresponds to the private key and certificate the Service Provider uses to decrypt the assertion.

The configuration tasks are available at the Identity Provider and Service Provider.

Required tasks at the IdP:

Required task at the SP: