SAML 2.0 IsPassive option

Chiranga Alwis chirangaalwis at
Mon May 9 08:53:58 EDT 2016

Hi all,

I am a fresh user to SAML 2.0.

When working on an Apache Tomcat SAML 2.0 based single-sign-on (SSO) valve,
I came across the property named 'IsPassive' under SAML 2.0 Authentication
Requests. The SAML 2.0 spec introduces this as follows:

IsPassive [Optional] A Boolean value. If "true", the identity provider and
the user agent itself MUST NOT visibly take control of the user interface
from the requester and interact with the presenter in a noticeable fashion.
If a value is not provided, the default is "false".

What is the most accurate meaning or example of this definition in terms of
a single-sign-on scenario? Does this property have a connection with active
and passive profiles in single-sign-on?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list