search cancel

Relay State Overrides Target - ignored in WSFED


Article ID: 7979


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We have implemented WSFED Partnership with Relay State Overrides Target feature enabled and CA SSO is local RP (Resource Provider) while ADFS is remote IP (Identity/Account Provider).

It works very well with fix target url.

However, RelayState is ignored and user always finishes on the target specified in the partnership configuration.


How can we correctly configure "Relay State Overrides Target" feature in WSFED partnership?


CA SSO 12.x


Relay State Overrides Target is only supported with SAML 2.0

The WSFED RP-to-IP (Relying Party to Identity Provider) partnership does not support the RP entity with the SAML 2.0 token type

WSFED RP Entity with SAML 2.0 Token Type Not Supported (167916)




To use the Relay State Overrides Target feature, you will have to configure a SAML 2.0 Partnership

Relay State Overrides Target (SAML 2.0 only)


(Optional) Replaces the target field value with the Relay State query parameter value in the request that initiates single sign-on. By selecting this option, you have more control over the target because using the Relay State query parameter lets you dynamically define the target.

Additional Information