Ex: Re: authnrequest with no ACS info

Paul B. Henson henson at cpp.edu
Fri Oct 28 01:56:34 UTC 2022

On Thu, Oct 27, 2022 at 11:07:29PM +0000, Cantor, Scott via users wrote:
> There's nothing wrong with defaulting the endpoint, but it is illegal
> in SAML to use the redirect binding for a response in SSO.

What's the best source to document that? All I can really find is


section which doesn't explicitly say redirect is not allowed but
implies it by mentioning only post and artifact.


Paul B. Henson  |  (909) 979-6361  |  http://www.cpp.edu/~henson/
Operating Systems and Network Analyst  |  henson at cpp.edu
California State Polytechnic University  |  Pomona CA 91768

More information about the users mailing list