Redirecting to Particular page(using target parameter) of SP using IDP initiated SSO
Christopher Bongaarts
cab at umn.edu
Tue Dec 22 16:12:37 UTC 2020
On 12/22/2020 4:18 AM, Abhishek Chouksey wrote:
> I have implemented IDP initiated SSO for SP and I want to redirect
> user to one particular page of sp after SSO so I came across "target"
> parameter and I am passing target url from my client but still not
> able to redirect to that particular page. Can anyone please tell me
> what else other config required at shibboleth side so that I can land
> to any particular page after SSO by providing that page URL in target
> attribute.
>
In general this is not possible; when your IdP sends the SAML response
to the SP's Assertion Consumer Service endpoint, at that point the SP is
in control of where to send the browser next, and there is nothing in
the SAML protocol that specifies a function like that.
Some SAML SP implementations may choose to treat the RelayState
parameter (which for the Shib IdP is set using the "target" parameter on
the Unsolicited endpoint) as an indication of where to send the user
next, but that cannot be relied upon in general.
--
%% Christopher A. Bongaarts %% cab at umn.edu %%
%% OIT - Identity Management %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
More information about the users
mailing list