You can configure the assertion validity time for WS Federation Provider (SP) to accommodate clock skew between a service provider and a SAML identity provider.
To set the assertion validity for WSFed configuration, perform the following steps:
Go to Devices > Identity Servers > Edit > Options, and click New.
Configure the following property:
Property Type: WSFED ASSERTION VALIDITY
Property Value: Specify the assertion validity time in second
Restart Tomcat by using the following command:
/etc/init.d/novell-idp restart
For the Docker deployment, perform the following steps:
Run the kubectl get pods command to view the Access Manager pods.
Go to the Identity Server pod by running kubectl exec --namespace <name-of-the-namespace> -it pod/<name-of-the-identity-server-pod> -- sh.
Run the /etc/init.d/novell-idp restart orsystemctl restart novell-idp.service command.