Customer's application supports only IDP-initiated SAML, but needs to support multiple Assertion Consumer Service URLs (ACS URLs). Customer has added the AssertionConsumerServiceIndex parameter to the IDP-initiated request query string, but SiteMinder seems to be ignoring it. How can we achieve this use case?
Release : 12.8.03
Component : SITEMINDER FEDERATION SECURITY SERVICES
SiteMinder does not support the AssertionConsumerServiceIndex query string parameter in IDP-initiated SAML requests. A custom solution is needed.
Use SP-initiated SAML when multiple ACS URLs need to be supported. If switching to SP-initiated SAML is not possible, it may be possible to use an active page to mimic the SP and generate an AuthnRequest with the needed AssertionConsumerServiceIndex parameter/value, but this is a custom solution outside the scope of Support.
Sample AuthnRequests can be found here:
https://www.samltool.com/generic_sso_req.php
As you can see, the only dynamic data in the AuthnRequest is the date/time information. The resulting SP-initiated URL (assuming REDIRECT binding) will take this format:
https://idp.example.com/affwebservices/public/saml2sso?SAMLRequest=XXXXXXXXXXXXXXXX&AssertionConsumerServiceIndex=Y
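A sketch of what such an active page could do, added here as an example and not Broadcom's code: it builds an unsigned AuthnRequest, applies the Redirect binding encoding (raw DEFLATE, then base64, then URL-encoding) and emits the URL format shown above. The SP entity ID and the set of allowed indexes are hypothetical placeholders; the index is written both as the AuthnRequest attribute defined by SAML 2.0 and as the query parameter from the URL above, and is checked against an allowlist so that the page cannot be driven to request an arbitrary ACS endpoint.

```python
import base64
import secrets
import zlib
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumed values: replace with the real partnership settings.
IDP_SSO_URL = "https://idp.example.com/affwebservices/public/saml2sso"  # host from the URL above
SP_ENTITY_ID = "https://sp.example.com/metadata"  # hypothetical SP entity ID
ALLOWED_ACS_INDEXES = {0, 1, 2}                   # hypothetical indexes defined for the SP

def build_authn_request(acs_index):
    """Return minimal AuthnRequest XML carrying AssertionConsumerServiceIndex."""
    instant = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return (
        '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'ID="_{secrets.token_hex(16)}" Version="2.0" '  # fresh ID for every request
        f'IssueInstant="{instant}" '
        f'Destination="{IDP_SSO_URL}" '
        f'AssertionConsumerServiceIndex="{acs_index}">'
        f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer>'
        '</samlp:AuthnRequest>'
    )

def redirect_url(acs_index):
    # Accept only indexes defined for this SP; never pass raw user input through.
    if not isinstance(acs_index, int) or acs_index not in ALLOWED_ACS_INDEXES:
        raise ValueError(f"ACS index not allowed: {acs_index!r}")
    xml = build_authn_request(acs_index).encode("utf-8")
    deflater = zlib.compressobj(wbits=-15)  # raw DEFLATE, no zlib header
    deflated = deflater.compress(xml) + deflater.flush()
    query = urlencode({
        "SAMLRequest": base64.b64encode(deflated).decode("ascii"),
        "AssertionConsumerServiceIndex": acs_index,  # query parameter as in the URL above
    })
    return f"{IDP_SSO_URL}?{query}"

def decode_saml_request(url):
    """Reverse the encoding, to check what the active page actually sends."""
    raw = parse_qs(urlsplit(url).query)["SAMLRequest"][0]
    return zlib.decompress(base64.b64decode(raw), -15).decode("utf-8")

if __name__ == "__main__":
    print(redirect_url(1))
```
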