Last active
February 27, 2023 18:46
-
-
Save saltukalakus/210685aab42bae0151c687d704af5eae to your computer and use it in GitHub Desktop.
How to insert AssertionConsumerServiceURL (ACS) in AuthN when Auth0 is the SAML service provider. (a.k.a. SAML enterprise connection)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" | |
@@AssertServiceURLAndDestination@@ | |
AssertionConsumerServiceURL="https://demo-saml-sp.auth0.com/login/callback" | |
ID="@@ID@@" | |
IssueInstant="@@IssueInstant@@" | |
ProtocolBinding="@@ProtocolBinding@@" Version="2.0"> | |
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@@Issuer@@</saml:Issuer> | |
</samlp:AuthnRequest> |
Author
saltukalakus
commented
Dec 4, 2020
Sample decoded AuthN with HTTP-Redirect binding with the above configuration. If you will be using a Custom Domain for the login domain, you need to change AssertionConsumerServiceURL accordingly.
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://demo-saml-idp.auth0.com/samlp/3vOzusggp1BUM5P0qvDlMuOHP4fen0wd" AssertionConsumerServiceURL="https://demo-saml-sp.auth0.com/login/callback" ID="_1df14c838fad5191c6525e7bc90c6c62" IssueInstant="2020-12-03T22:52:58Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:auth0:demo-saml-sp:TestSP</saml:Issuer></samlp:AuthnRequest>
You can also replace @@AssertServiceURLAndDestination@@
with two separate template variables @Destination
and @AssertionConsumerServiceURL
so that you don't hardcode any value:
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
Destination="@@Destination@@"
AssertionConsumerServiceURL="@@AssertionConsumerServiceURL@@"
ID="@@ID@@"
IssueInstant="@@IssueInstant@@"
ProtocolBinding="@@ProtocolBinding@@" Version="2.0">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@@Issuer@@</saml:Issuer>
</samlp:AuthnRequest>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment