In the case of SAML protocol,
- The SAML response received from the identity provider may have expired
- Assertion in the SAML response is empty
- Your IDP may be sending the encrypted assertion and your plugin may not support the encrypted assertion or you may not enable the encrypted assertion from plugin settings
- SAML responses may be signed and you may not enable the signed response from the plugin
If you continue to experience problems despite all of this, please feel free to contact us at aspnetsupport@xecurify.com.