IDP Initiated SSO

Steve White steve at
Tue May 17 16:01:35 EDT 2016

We are currently using Shibboleth SP.  I have been tasked with setting up IDP Initiated SSO.  At least that is the term being used.  The expectation is that an already authenticated user, from a third party IDP, so no existing session, be able to access a resource and establish a session without having to redirect back to their IDP.  So sending authentication information along with the resource request.  I guess this is in place of a deep link, which I understand would redirect back to the IDP, see that you are authenticated then redirect you to the resource.  

I am struggling with finding the right documentation, most likely because of the use of only SP not IDP, and thus am struggling with how to implement this.  Any help getting me started would be greatly appreciated.

Steve White

More information about the users mailing list