Why am I seeing an error in the .NET console indicating "Invalid saml assertion in security header." when SAML/SSO is not enabled for my site?
Oracle B2C Service, Product listing
When user logs into console or (otherwise runs Addin within console) I am seeing this error:
Click to enlarge image
This error may be an indication there are AddIns running on the site that require Public SOAP API permissions. It is common to code addins to use the credentials of the agent running the AddIn (the agent logging into the console) and therefore adding Public SOAP API permission to the affected account profiles may resolve the issue. Further, disabling the interface permissions for suspected AddIns will also resolve such an issue.