untrusted provider

Hello there,

I am trying to make a SAML connection between Notion (www.notion.so https://www.notion.so/help/saml-sso-configuration) and Access Manager 4.5.

Notion does not provide XML metadata.

Their helpdesk says: "Notion does not have XML to provide. We accept the metadata from the IdP, but Notion does not provide SP-metadata."

But when I try to connect I always get an error Unable to complete request at this time. (Request was from an untrusted provider-445DD9100702C937)

How can I configure this in advanced settings, so that the provider is always trusted?

  • Notion documentation you linked is not very clear. I think most useful is section regarding how to configure Google as IDP.

    There you have description for ACS URL and Entity ID:

    So to get around missing metadata XML, go to Access manager and when creating service provider, select "Manual Entry" and enter ACS URL and Entity ID. Leave all other fields empty:

    Do not forget to configure atribute set to send required attributes with SAML response.

    Kind regards,


  • Thanks Sebastijan, I tried that. But when I enter the details and click 'next' it says "please specify the provider certificate"

  • I have seen that AM does not allow you to create service provider without selecting cert (I think this is fixed in 5.x).

    But since Notion will not sing SAML requests (well, if it would they would need to provide you with their public key), you can just select any certificate you have at hand, like access manager's configCA public cert.