SAP Knowledge Base Article - Public

3334661 - Error while generating SAML Assertion : Fail to generate SAML Assertion due to IOException


You are getting the error mention in Title while generating SAML Assertion using SAP Provided Offline tool 

Disclaimer: Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.


SAP SuccessFactors HXM Suite


  1. You are either using the X.509 Public Key instead of the Private Key, which is only shared when you create the OAuth Key initially.
  2. There are some extra spaces or some character missing will adding the Private Key


  1. Go to Manage OAuth2 Client Applications
  2. Click on Edit on the Client Application Oauth Configuration
  3. Then generate the X.509 Certificate again.

  4. Now Download the Certificate.pem file

  5. Open the certificate file and copy only the Private Key encased between BEGIN ENCRYPTED PRIVATE KEY and END ENCRYPTED PRIVATE KEY
  6. NOTE: The Certificate can only we downloaded at the Generation of X.509 Certificate and once you save this OAUTH Configuration the Download key will be greyed out.

See Also


OAUTH, ODATA API, SAML Assertion error, Fail to generate SAML Assertion due to IOException, LOD-SF-INT-ODATA-OAUTH , KBA , LOD-SF-INT-ODATA-OAU , ODATA OAUTH Authentication , LOD-SF-INT , Integrations , LOD-SF-INT-SSL , SuccessFactors SSL Handshake , Problem


SAP SuccessFactors HXM Core 2305 ; SAP SuccessFactors HXM Suite 2305