Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

The SessionRelayService enables IDP initiated SSO to applications integrated using SAML2 with a URL at the Ubisecure SSO server. This is also known as unsolicited SSO.

Step-by-step guide


  1. Unsolicited SSO can be done by sending SAML response message to address:
    https://ssohost/uas/saml2/SessionRelayService?entityID=urn:uuid:3A97e9cf6b-5218-4cb8-b0b9-bab5d35e6c9b&RelayState=/insert/home/page/here&locale=sv

Text marked with red must be updated accordingly:

-entityID has to be application agents entityID from Ubilogin management UI

-RelayState is relative address on target application server where browser is redirected(so called deep linking)

-locale is users used language

Other optional parameters include:

  • isPassive true/false (optional, default false)
  • forceAuthn true/false (optional, default false)
  • oneTimeUse true/false (optional, default false)



  • No labels