Call 2 IDP in sequence (or call another web app after succesfull IDP login)

Paolo Dibitonto p.dibitonto at
Tue Dec 3 04:40:25 EST 2019

Hello all,
sorry I'm really unskilled on this topic and I can't find alone a solution.
We have configured Shibboleth SP (3.0.4) and IDP (3.4.6) enabling 2 login
flows, X509 and Password.
Soon we will configure SP to use also an international IDP (SPID).
The problem is that we need to get the IDP released attributes (in
particular the fiscal code, an unique identifier in Italy) and check it
against a database, to see if the user can access the protected resource.
We will read fiscal code from the X509 certificate and from the SPID
response, so we need to check this code against the DB after the IDP
complete his process.
It's possible to call, from SP, another IDP/Web App, to make this check,
before redirect the user to the requested resource?
Thank you all in advance.

Sent from:

More information about the users mailing list