Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Risto Peltomäki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The SessionRelayService enables IDP initiated SSO to applications integrated using SAML2 with a URL at the Ubisecure SSO server. This is also known as unsolicited SSO.

Step-by-step guide


  1. Unsolicited SSO can be done by sending SAML response message to address:
    https://ssohost/uas/saml2/SessionRelayService?entityID=urn:uuid:3A97e9cf6b-5218-4cb8-b0b9-bab5d35e6c9b&RelayState=/insert/home/page/here&locale=sv
Info

Text marked with red must be updated accordingly:

-entityID has to be application agents entityID from Ubilogin management UI

-RelayState is relative address on target application server where browser is redirected(so called deep linking)

-locale is users used language

Other optional parameters include:

  • isPassive true/false (optional, default false)
  • forceAuthn true/false (optional, default false)
  • oneTimeUse true/false (optional, default false)
  • template - SSO UI template to be used

Filter by label (Content by label)
showLabelsfalse
max5
spacesKNB
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel = "kb-how-to-article" and type = "page" and space = "KNB"
labelskb-how-to-article

...