Troubleshooting
Troubleshooting is a systematic approach to solving a problem. The goal of troubleshooting is to determine why something does not work as expected and how to resolve the problem. The document outlines the error encountered between Verify and ADFS.
The SAML assertion is not valid before this time
This error indicates a timing mismatch between Verify and ADFS. To resolve this synchronization issue you must set the "NotBeforeSkew" parameter.This parameter specifies the skew, as an integer, for the time stamp that marks the beginning of the validity period. The higher this number is, the further back in time the validity period begins with respect to the time that the claims are issued for the relying party. By default, this value is 0. Specify a positive value if validation fails on the relying party because the validity period has not yet begun. The skew is set in minutes.
For example, to set the skew to two minutes, run
the following command on the ADFS server.
Set-ADFSRelyingPartyTrust -TargetIdentifier "<replying party identifier>" -NotBeforeSkew 2