Reputation: 43
Custom attributes in Saml2AuthnRequest and Saml2AuthnResponse using itfoxtec-identity-saml2 library
We are using itfoxtec-identity-saml2 library to integrate saml in our .Net web API application.
We are passing a couple of custom attributes in relayState (ex. returnUrl, redirectionParams etc.) to make use of them once we get the relayState back from SP.
One of the service providers is not able to return relayState with multiple parameters because of the "&" separator. Is it possible to include these custom attributes in Saml2AuthnRequest object and get the same attributes back in Saml2AuthnResponse or is relayState the only way to send and receive the custom dynamic parameters?
Upvotes: 1
Views: 1000
Answers (1)
Reputation: 4318
Is it possible to include these custom attributes in Saml2AuthnRequest object and get the same attributes back in Saml2AuthnResponse
A SAML2 authentication request can contain various custom extensions to carry extra data, flags, etc. However, anything that you would include in there would be custom, and the service provider implementation must be able to support and recognize it. It's completely non-standard and would not scale.
is relayState the only way to send and receive the custom dynamic parameters?
Yes, it is. You might want to encode the final value in such a way that could be included in the relay-state parameter as a single value.
Upvotes: 2
Related Questions
- How to add new parameters/organization specific parameters into XML
- ITfoxtec.Identity.Saml2 - multiple authentication schemas
- In pysaml2, how does one include attributes in the initial AuthNResponse?
- Causing IDP to include specified attribute in authentication response
- SAML Request Attributes In AuthnRequest
- How to ask IdP for user attributes in SAML
- OAuth 2 - Custom Attributes like SAML
- How to configure Custom Attributes in SP metadata
- How to request IDP to send me additional custom attributes in the AuthnResponse?
- Are attributes allowed in a SAML authentication request?