KNOWLEDGE BASE

Error "The sign-in was unsuccessful. Try again" And "Error validating SAML message; caused by: Signature algorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1 is blacklisted]" When Logging in With SAML SSO to Tableau Online Using SHA-1


Published: 08 Jul 2020
Last Modified Date: 03 Dec 2020

Issue

When attempting to login to Tableau Online using SAML with an Identity provider that uses SHA-1 signature algorithm or certificates, the following errors occur: 

"The sign-in was unsuccessful. Try again" 

Or

"Error validating SAML message; caused by: Signature algorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1 is blacklisted"

Environment

  • Tableau Online
  • SAML SSO
  • Authentication

Resolution

Change your signing algorithm and certificates to SHA-256 instead of SHA-1. Contact your Identity Provider if assistance is needed.  

Verify and set/configure the following values in Auth0 settings. Make sure IdP assertions and certificates used are signed using SHA-2/256 encryption. 

  "signatureAlgorithm": "rsa-sha256",
  "digestAlgorithm": "sha256",

Cause

RSA-SHA1 signing algorithm and certificates are no longer supported in Tableau Online.
Did this article resolve the issue?