Does Shibboleth Idp support relayState parameter in IDP Initiated SSO
Brent Putman
putmanb at georgetown.edu
Tue May 5 08:30:06 UTC 2020
On 5/5/20 3:02 AM, Luo, Pan wrote:
> It seems I only need to add the
> RelayState=https://region-id.console.aws.amazon.com/connect/federate/instance-id to
> the end of Idp initiated SSO URL. But it doesn't work. The URL I
> tried is something like this:
>
> https://our.idp/idp/profile/SAML2/Unsolicited/SSO?providerId=urn:amazon:webservices&relayState=https://region-id.console.aws.amazon.com/connect/federate/instance-id
>
In the Shib Unsolicited SSO protocol, for historical reasons the
request param name is 'target', not 'RelayState':
https://wiki.shibboleth.net/confluence/display/IDP4/UnsolicitedSSOConfiguration#UnsolicitedSSOConfiguration-SAML2.0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200505/e3ae6b2c/attachment.html>
More information about the users
mailing list