How do I specify the relayState parameter for AAD response to my SAML?

SWC.0089 21 Reputation points
2020-11-18T16:07:29.913+00:00

I have added my web app to my AAD, but then have trouble figuring out how to specify the relayState in the AAD SSO SAML response.

Is there any article to follow? Thanx in advance.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,843 questions
0 comments No comments
{count} votes

Accepted answer
  1. 2020-11-19T19:07:10.21+00:00

    Hello @SWC.0089 , in the Azure Portal go to the Azure Active Directory node, Enterprise applications, find yours, go to Single sing-on and you will find it under Basic SAML Configuration. You can find more information in Enable single sign-on for an app.

    Let us know if this answer was helpful to you. If so, please remember to accept it so that others in the community with similar questions can more easily find a solution.


1 additional answer

Sort by: Most helpful
  1. SWC.0089 21 Reputation points
    2020-11-20T21:01:44.993+00:00

    Well, it turned out I didn't update my app server as I thought I did.
    After fixing that, I now got to the following complaint:

    SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
    Backtrace:
    0 /var/simplesamlphp-1.14.14/www/module.php:180 (N/A)
    Caused by: SimpleSAML_Error_Exception: URL not allowed: https://qa.XXXXXXXXXX.org/simplesaml/relayState.php?saml_sso=developtester-sp
    Backtrace:
    2 /var/simplesamlphp-1.14.14/lib/SimpleSAML/Utils/HTTP.php:338 (SimpleSAML\Utils\HTTP::checkURLAllowed)
    1 /var/simplesamlphp-1.14.14/modules/saml/www/sp/saml2-acs.php:111 (require)
    0 /var/simplesamlphp-1.14.14/www/module.php:137 (N/A)

    .. more debugging to follow.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.