Is it possible somehow to pass a return url to the Identity Server when performing a SAML SSO and have that url posted back to my assertion url when the user authenticates successfully?
The RelayState (described here) parameter that is sent to the IdP can be used to post the return URL to the IdP and have it back when the Authentication Response is send back from the IdP. Of course as this is an HTTP POST parameter, if you store a URL there it has to be propertly encoded/decoded.
However keep in mind that this might be used by an attacker to trick the use to open a trusted URL (this of the identity server) and redirect it to a malicious site. To prevent this the redirect URL should be validated.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With