Idea Details

SAML token over dynamic ACS URL for IDP journey

Last activity 21 days ago
Ramya Vijayakumar's profile image
02-12-2019 05:11 AM

Hi, 

 

For SP initiated journey(Any SAML 2.0 complaint product), I know the product (Legacy & Partnership federation) supports dynamic ACS URL approach by understanding the incoming Assertion Consumer Service URL that is part of SAML Authnrequest which has to be defined in IDP (CA Federation Manager) configuration indexing through which the SAML token can be posted on to various Assertion Consumer Service URL's. 

 

For IDP(CA Federation Manager) initiated journey, legacy / partnership federation today, we have only static Assertion Consumer Service URL that is defined where the SAML token can be posted. 

 

There is a new requirement wherein expectation is to have SAML token posted to dynamic URL based on customers or organization which is local to SP with specific role information. 

 

Is there any possibility, the Assertion Consumer Service URL that can be dynamic & taken on fly over IDP initiated journey where then the SAML token can be posted?

 

Regards,

Ramya Vijayakumar.


Comments

05-13-2019 02:01 AM

Thank you for your contribution of an enhancement idea to the CA Community. CA is continually working to improve its software and services to best meet the needs of its customers. Your input is vital to that effort. The CA Single Sign-On Product Management team is reviewing your enhancement suggestion following the process outlined here: https://communities.ca.com/docs/DOC-231170123

The Community will continue to be able to vote on this enhancement idea.