no metadata for the SP

Tom Scavo trscavo at
Fri Nov 21 14:37:45 EST 2014

When the IdP receives an AuthnRequest at a SingleSignOnService
endpoint, the IdP consults metadata before interacting with the user.
AFAIK, if the IdP lacks metadata for the SP, the transaction fails
outright, without even presenting the login interface to the user. In
this case, the user is stranded at the IdP, with no chance for either
party to recover.

My question is: Can the IdP be configured to respond with a SAML error
if there is no metadata for the SP? If so, how?



More information about the users mailing list