WORKERS AHEAD!
You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.
SAML2 Authentication - Unsolicited SSO
SAML2 IdP Unsolicited/SSO profile, also known as IdP Initiated, supports the following parameters:
| Parameter | Description |
|---|---|
providerId |
Required. Entity ID of the service provider. |
shire |
Optional. Response location (ACS URL) of the service provider. |
target |
Optional. Relay state. |
time |
Optional. Skew the authentication request. |
A typical request to the CAS would look like this:
1
2
3
GET https://sso.example.org/cas/idp/profile/SAML2/Unsolicited/SSO \
?providerId=https://sp.example.org/saml2 \
&shire=my-relay-state-here