Click here to Skip to main content
15,672,517 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
See more:
Can I create a saml token without signing it?
I need to serialize and deserialize the token (WCF client <--> service interaction), but I do not need the signature nor the encryption.

1 solution

AFAIR, You can't, and this is by design./

You do need both the signing and the encryption, for the SAML token to be useful. Without both signing and encryption, you cannot trust the SAML token, and the purpose of these is security.
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900