Issue encountered :

Encountered always the error "Assertion can not be validated" [error code 401 Unathorized] when calling the endpoint beside client using Authentication SAML token while the STS token was generated without issue.

Details:

I developed a rest API on talend open studio ESB using the tRESTRequest component and activating SAML token authentication to secure client requests with a token as you can see below the Design:

This job has been successfully deployed on Talend's container Runtime and the configurations are OK as you can see below:

1) Secure Token service (STS) activation on container Runtime (apache karaf):

2) Deployment of the JOB on Runtime:

Next Generated the Token used to call the endpoint:

I used the following link to generate the STS Token: http://coheigea.blogspot.com/2016/09/invoking-on-talend-esb-sts-using-soapui.html. in fact, we ask the STS for a SAML Token by using RequestSecurityToken part on the SOAP request as below :

And the SOAP Response on successful invocation of STS is shown below:

After I switched to RAW XML and extract SAML Assertion as below :

In fact to call the REST API using an authentication token, we need to deflate and base64-encode a SAML Message before sending it like below :

(I used the following link https://www.samltool.com/encode.php to encode the xml response from STS)

Invocation of REST service using Postaman and a curl command:

I used this token generated to call the api on client side as below :

Response on POSTMAN tool to execute the api with the error "Assertion can not be validated" [error code 401 Unathorized]:

So I always got this above error when testing on postman tool

Could you please see and give me what is the cause of this error and the correction that I must be made in order to remedy this error?

Thank you for your feedback.