In my previous post, we discussed how to use Identity Server as a SAML2 SSO IdP. We tried to configure the sample “travelocity.com” application.
Now let's see how we can achieve IdP-initiated SAML2 SSO with the same setup.
Step 1. Enable IdP Initiated SSO. Tick the “Enable IdP Initiated SSO” check box in the SAML2 SSO issuer configuration (please refer to Step 3 in my previous post).
Step 2. Send a GET request. The URL must follow this pattern:
https://{Hostname}:{Port}/samlsso?spEntityID={SAML2 SSO Issuer name}
In our sample, this would be
https://localhost:9443/samlsso?spEntityID=travelocity.com
If your SAML2 SSO issuer has been configured in a tenant other than the super tenant, you need to append the tenantDomain parameter as well.
If the tenant domain is soasecurity.org, the GET request would be
https://localhost:9443/samlsso?spEntityID=travelocity.com&tenantDomain=soasecurity.org
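The URL pattern from Step 2, as an added example that is not part of the original post: it builds the link with percent-encoding, so an issuer name that is itself a URL stays inside spEntityID instead of spilling into extra query parameters. The function names and the URL-style issuer are assumptions made for illustration; the host, port, issuer and tenant domain are the ones used above.

```python
from urllib.parse import urlencode, urlsplit, parse_qs


def build_idp_initiated_url(hostname, port, sp_entity_id, tenant_domain=None):
    """Build https://{Hostname}:{Port}/samlsso?spEntityID=...[&tenantDomain=...]."""
    if not sp_entity_id:
        raise ValueError("spEntityID (the SAML2 SSO issuer name) is required")
    if not 0 < int(port) < 65536:
        raise ValueError("port out of range")
    params = [("spEntityID", sp_entity_id)]
    # tenantDomain is appended only when the issuer is registered in a tenant
    # other than the super tenant.
    if tenant_domain:
        params.append(("tenantDomain", tenant_domain))
    # urlencode percent-encodes reserved characters (":", "/", "?", "&", "="),
    # so they cannot terminate the parameter or add new ones.
    return f"https://{hostname}:{port}/samlsso?{urlencode(params)}"


def read_back(url):
    """Parse the query string as a receiver would, for a round-trip check."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


# Constructed issuer name (hypothetical) containing reserved characters.
URL_STYLE_ISSUER = "https://sp.example.com/saml?app=a&env=b"

if __name__ == "__main__":
    print(build_idp_initiated_url("localhost", 9443, "travelocity.com"))
    print(build_idp_initiated_url("localhost", 9443, "travelocity.com",
                                  "soasecurity.org"))
    tricky = build_idp_initiated_url("localhost", 9443, URL_STYLE_ISSUER)
    print(tricky)
    print(read_back(tricky))
```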