SAML redirect change to GET
-
When setting up SAML for an application, I understand it will redirect to the first entry in the ‘Authorized redirect URLs’ config setting. When it does that redirect, it seems to do it as a POST. Is there a way to change that to a GET?
-
In the SAML protocol, the Identity Provider (IdP) typically sends the SAML assertion to the Service Provider (SP) via an HTTP POST binding. This is because the SAML response data can be quite large and may exceed the maximum URL length if sent via GET.
FusionAuth, when acting as a SAML IdP, follows this standard practice and sends the SAML assertion to the SP via POST. Currently, there is no configuration option in FusionAuth to change this behavior to use a GET binding instead.
For more details on how FusionAuth handles SAML, you can refer to the FusionAuth SAML documentation.Can you tell us why you need it as a GET?
-
@mark-robustelli Thanks, Mark. After having worked with FA some more, I now realize that I don't need it to be a GET. Thanks for the response.
-
A Alex Patterson has marked this topic as solved
