diff --git a/authentik/providers/saml/processors/metadata_parser.py b/authentik/providers/saml/processors/metadata_parser.py
index cd6068d91..938127111 100644
--- a/authentik/providers/saml/processors/metadata_parser.py
+++ b/authentik/providers/saml/processors/metadata_parser.py
@@ -124,8 +124,13 @@ class ServiceProviderMetadataParser:
         # For now we'll only look at the first descriptor.
         # Even if multiple descriptors exist, we can only configure one
         descriptor = sp_sso_descriptors[0]
-        auth_n_request_signed = descriptor.attrib["AuthnRequestsSigned"].lower() == "true"
-        assertion_signed = descriptor.attrib["WantAssertionsSigned"].lower() == "true"
+        auth_n_request_signed = False
+        if "AuthnRequestsSigned" in descriptor.attrib:
+            auth_n_request_signed = descriptor.attrib["AuthnRequestsSigned"].lower() == "true"
+
+        assertion_signed = False
+        if "WantAssertionsSigned" in descriptor.attrib:
+            assertion_signed = descriptor.attrib["WantAssertionsSigned"].lower() == "true"
 
         acs_services = descriptor.findall(f"{{{NS_SAML_METADATA}}}AssertionConsumerService")
         if len(acs_services) < 1: