SAML Assertion verification failed; Please contact your administrator

This indicates that SAML Assertion was not verified by the Citrix Gateway virtual server. Looking at the StrongKey FIDO Server(SKFS) logs, a SAML response was generated by the SKFS. However, once the user clicked on “Continue to Application”, it could not proceed since the SAML Assertion could not be verified due to missing/incorrect SAML Signing certificate in Citrix Gateway virtual server.

SOLUTION

Please ensure that the Citrix Gateway virtual server has the correct SAML policy and SAML signing certificate from the StrongKey Tellaro Appliance.