I have a proxy endpoint which is currently in use in production and doing the session validation by accepting the session as part of request.formparam.
Now I want to enhance this endpoint in order to validate the SAML assertion as well. From the SAML Assertion policy documentation, I came to know that the built-in support is for SOAP inbound request.
How can I design my existing endpoint to accept the SAML assertion like below and make it compatible with SAML validation policy?
POST /existingEndPoint HTTP/1.1
Content-Type: application/x-www-form-urlencoded
grant_type=SAML&saml_assertion=<PUT the SAML assertion XML here>
Any sample APIs would be really helpful. Thanks!
sure it can. In such cases the saml assertion is usually base64 encoded. You'd want to decode it first.
Thanks for your response. How can I provide that to xpath of the SAML validation policy?
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |