saml - Is SP initiated requests without AuthnRequest an industry standard? -
i working on saml2.0. 1 of our clients(idp) requested (sp) have sp initiated requests without sending authnrequest.
instead of sending authenrequest have asked us(sp) send parameter on url can tell them request has come designated sp. industry standard implement sp initiated requests without having authnrequest parameter?
i call idp initiated, viewpoint of saml, idp sends first message. idp initiated part of standard, not break saml.
but if going have sp tell idp start authentication consider bad practise not have sp start using saml authnrequest.
this more interoperable approach making easier use standard saml product without need customizations.
Comments
Post a Comment