Customers would like to know if there is a way and/or any parameter to configure " RelayState URL " from SSO IDP federation partnership settings.
Article ID: 248366
Updated On:
Products
Issue/Introduction
Customers would like to know if there is a way and/or any parameter to configure " RelayState URL " from SSO IDP federation partnership settings.
Environment
All the supported - Policy Server and CA Access Gateway Environments.
Resolution
Kindly note that " RelayState URL " is a constructed URL and we don't have any parameter and/or settings to configure from the Federation PARTNERSHIP and partner needs to include RelayState URL while sending the request.
Also, please note that this RelayState Indicates the URL of the target resource at the Service Provider (SP) and the RelayState value should be URL-encoded.
------ RelayState:
Indicates the URL of the target resource at the Service Provider.
The RelayState value should be URL-encoded.
By including this query parameter, it tells the IdP to redirect the user the appropriate resource at the Service Provider.
This query parameter can be used in place of specifying a target URL when configuring single sign-on.
The RelayState query parameter name is case-sensitive, and the value must be URL-encoded.
------ Example:
http://ca.sp.com:90/affwebservices/public/saml2authnrequest?ProviderID=
http%3A%2F%2Ffedsrv.acme.com%2Fsmidp2for90&
RelayState=http%3A%2F%2Fwww.spdemo.com%2Fapps%2Fapp.jsp
- Document reference:
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/legacy-federation/configure-a-saml-2-0-identity-provider/initiate-single-sign-on-from-the-idp-or-sp.html#concept.dita_a0fdfaa41746f2ce271ae227c905d3d4009aa275_IdentityProviderinitiatedSSOPOSTorartifactbinding
Feedback
