This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Does SAML Assertion policy can accept assertion xml in request.forparam

Posted on 01-31-2017 03:41 PM
Not applicable
Reply posted on --/--/---- --:-- AM

I have a proxy endpoint which is currently in use in production and doing the session validation by accepting the session as part of request.formparam.

Now I want to enhance this endpoint in order to validate the SAML assertion as well. From the SAML Assertion policy documentation, I came to know that the built-in support is for SOAP inbound request.

How can I design my existing endpoint to accept the SAML assertion like below and make it compatible with SAML validation policy?

POST /existingEndPoint HTTP/1.1

Content-Type: application/x-www-form-urlencoded

grant_type=SAML&saml_assertion=<PUT the SAML assertion XML here>

Any sample APIs would be really helpful. Thanks!

0 2 220
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
Reply posted on --/--/---- --:-- AM

sure it can. In such cases the saml assertion is usually base64 encoded. You'd want to decode it first.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

Thanks for your response. How can I provide that to xpath of the SAML validation policy?

0 Likes