Programmatically get Assertion for 3rd party resources

Kevin Flückiger kevin.flueckiger at
Tue May 19 11:00:48 EDT 2015

Hi everyone

I have the following Problem:
My Application is protected by my SP and I can log into it just fine. Now, this Application tries to load some images from AWS s3. These images are protected by the AWS service provider. So therefore I established trust between the AWS SP and my IdP. This works just fine, when I initiate the unsolicited login from a Browser (https://myidp/idp/profile/SAML2/Unsolicited/SSO?providerId=urn:amazon:webservices) I get access to the AWS services.
Now when I try to access resources from within my Application AWS wants me to first call a Method from their API called ‘AssumeRoleWithSAML’. This Method expects a SAML Assertion. The Assertion should look exactly like the Assertion I get when I do the unsolicited login. The question now is: How can my Application get this Assertion for AWS?

Thanks for your help!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list