Managing authentication sources > SAML 2.0 supported IdP > Identity provider initiated Single Sign-on
 

Previous Topic

Next Topic

Identity provider initiated Single Sign-on

Identity provider initiated Single-sign on begins with the IDP authenticating a user. A SAML response is issued from the IDP to Life Suite Authentication. The user is then redirected to the Life Suite module.

A relaystate value is required either as part of the SAMLResponse or as a querystring variable. The relaystate value represents the Life Suite URL target. Life Suite Authentication uses the relaystate value to authorize and redirect the user to the appropriate Life Suite URL.