SAML consumer VAM missing cookie and Looping

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • Version Affected:  All


    SAML Consumer is looping back to the IdP and then back to the SAML consumer instead of logging in to the App. 

    SAML tracer does show a cookie being created but it disappears straight away.

    Cause:  SAML consumer creates the cookie based on what is in the Assertion. 

    Most browsers can only handle a cookie size of up to 4096 bytes so although we consume the assertion and create the cookie, the browser dumps it. 


    The SAML Consumer VAM will consumer the entire assertion. 

    Liaise with the IdP team so that they send fewer attributes in their SAML assertion. This will reduce the size of the cookie and solve the issue.  


    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    0 out of 0 found this helpful



    Please sign in to leave a comment.