This documentation is for WSO2 Identity Server 5.3.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This request will authenticate and redirect the user to the registered Assertion Consumer URL. Optionally, you can send in a RelayState parameter an 'acs' parameter as follows.

Panel
bgColorWhite

https://localhost:9443/samlsso?spEntityID=foo.com&RelayStateacs=http://localhost:8080/foo.com/my-home.jsp

This request will authenticate and redirect the user to the URL in the RelayState 'acs' parameter itself.

Info

Either you could have SP Initiated SSO only, or SP Initiated SSO and IdP Initiated SSO. You can't have IdP initiated SSO only. By design, SP Initiated SSO is more restrictive and secure. If a service provider is allowed to do IdP Initiated SSO, it would automatically imply that this service provider is allowed to do SP initiated SSO as well.

...