We have a SAML partnership requirement, where SP will initiate the sso url and will be sending IDP (Siteminder) storeID value in RelayState.
Siteminder is expected to consume and pass back the same RelayState value in URL to SP ACS URL while posting the assertion.
Example:-
SP-initated URL: https://apps.demo.com/&RelayState=storeID=1234
Will redirect to IDP (Siteminder), which will authenticate the user and post the SAML assertion to SP ACS URL...where the SP needs storeID=1234 to be passed in URL as RelayState.
Could you please confirm if Siteminder can do this out of the box?
Release: ALL
Component : SITEMINDER FEDERATION SECURITY SERVICES
A Siteminder IDP will preserve any RelayState value passed to it from the SP, however, when using the POST profile for assertions, the RelayState value will be passed as part of the POST data. There is no way out of the box to include this value in the URL query string.
When an SP includes a RelayState value in the query string as part of an authnrequest (SP-initiated request), the RelayState value must be URL-encoded. This assures the value does not get lost or altered during potential redirects for authentication at the IDP.