SSO issue with “AADSTS50008: Unable to verify token signature.”

Client trying to login to Office 365 portal gets error message

AADSTS50008: Unable to verify token signature. The signing key identifier does not match any valid registered keys.

after replaced ADFS 3.0 Service Communication certificate instead of expired one. Steps were done according to usefull blog article. New cert is valid but clients cannot login to the Portal.

Solution?

Microsoft recommends to run following command from powershell running on ADFS server only in case if you want manualy renew token signing certificates, but I think it’s good idea to do it in our case:
Update-MSOLFederatedDomain -DomainName [domain name]
The same problem is described here.

Hľadá sa internetová škola na Slovensku

This post is only in Slovak language
Môj syn Martin bol donedávna normálnym žiakom normálnej školy. Dnes je siedmakom v internetovej škole, bežná denná školská dochádzka mu nehrozí. No tá internetová škola je česká.
(more…)