Configuring Multiple Assertion Consumer Service URLs for SAML2 Service Provider with WSO2 Identity Server 5.1.0
This feature enables to define multiple assertion consumer service URLs for a SAML2 service provider. In the SAML service provider configuration UI there is a new configuration called “Assertion Consumer URLs”. You can add multiple assertion consumer URLs for the SAML2 service provider using the “Add” button. Since we have multiple assertion consumer URLs, we need to define a default assertion consumer URL in case we can’t retrieve it from the authentication request. Now SP initiated SSO and IdP initiated SSO flows behave as follows, In SP initiated SSO, If no AssertionConsumerServiceUrl is given in the <AuthnRequest>, IS will send the response to default ACS URL of the SP. (Whether request is signed or not) If the AssertionConsumerServiceUrl in <AuthnRequest> matches with one of the registered URLs, IS will send the response to the matched one. If the AssertionConsumerServiceUrl in <AuthnRequest> does not match ...