ID4142: The SAML2:Assertion is signed but the signature's KeyIdentifier cannot be resolved to a SecurityToken. Ensure that the appropriate SecurityTokenResolver has been provisioned. To handle advanced token resolution requirements, extend Saml2SecurityTokenHandler and override ResolveIssuerToken.
ID4138: No suitable Saml2NameIdentifier could be created for the SAML2:Assertion because tokenDescriptor.Issuer is null or ...
ID4139: No suitable Saml2NameIdentifier could be created for the SAML2:Subject because more than one Claim of type NameIdentifier ...
ID4140: This Assertion cannot be re-emitted as raw XML. This may be because it was not read from XML in the first place, ...
ID4141: The SAML2:Assertion is not signed. Only signed Assertions are acceptable for this use. If Windows Identity Foundation ...
ID4142: The SAML2:Assertion is signed but the signature's KeyIdentifier cannot be resolved to a SecurityToken. Ensure that ...
ID4147: The Saml2SecurityToken is rejected because the SAML2:Assertion's NotBefore condition is not satisfied. NotBefore: ...
ID4148: The Saml2SecurityToken is rejected because the SAML2:Assertion's NotOnOrAfter condition is not satisfied. NotOnOrAfter: ...
ID4149: The Saml2SecurityToken is rejected because the SAML2:Assertion specifies a OneTimeUse condition. Enforcement of the ...
ID4150: The Saml2SecurityToken is rejected because the SAML2:Assertion specifies a ProxyRestriction condition. Enforcement ...