Azure AD SAML IDP provider with relay state

Krishna Kumar 41 Reputation points
2020-04-08T17:37:27.803+00:00

We can federate a domain on AAD and configure a third party SAMLP as described here https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-saml-idp.

When doing IDP initiated SSO to AAD it's ignoring the relay state parameter in SAMLResponse sent to AAD hence user lands on office portal always.

If there a way we can set the relay state in the SAMLresponse so that the user lands on the app directly after SSO to AAD instead of landing on portal.

If we start the flow using user access url of the app then the user lands on app directly but its SP initiated flow wanted to know if its possible with IDP initiated flow

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,797 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. lifonghsu 31 Reputation points
    2020-04-23T12:56:42.057+00:00

    Sorry, which third party SAMLP do you used?
    I always get the error, AADSTS51004: The user account xxx does not exist in the yyy directory. To sign into this application, the account must be added to the directory.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.