During an SP initiated sign on, is there a way to pass an arbitrary string (in this case a URL) from the SP to the IDP which will then be returned to the SP after the sign on is completed on the IDP side?
RelayState is what should help you. It’ll be returned back with the assertion.
I want to do the same, but it fails. I initiate login from the SP and attach ?RelayState=blabla, get redirected to Okta, but when I get the SAML back in the SP there is a default RelayState (configured in the app)! I thought it should have been used only for IDP-initiated logins, but we have an SP-initiated one. Could somebody help me, please?
Try to check if you are using the correct flow, like the correct SSO URL to initiate the flow.
I believe the URL is OK, because I took it from Okta and also the login finishes successfully. The only thing that bothers me: the URL is the same in both the IDP- and SP-initiated flows, just the parameters differ.
In the IDP it is SAME_URL?fromHome=true, in the SP it is SAME_URL?SAMLRequest=…&RelayState=…&fromLoginToken=…
But RelayState comes back empty or default (if set) regardless of what I send. I really need it.
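An added example, not part of the thread and not Okta's code: an SP-side sketch of the RelayState round trip discussed above over the HTTP-Redirect binding. It sends an opaque one-time token instead of the URL itself (the SAML bindings spec limits RelayState to 80 bytes and it is not covered by the assertion signature) and falls back to a default page when the value that comes back is unknown. The host names, `ALLOWED_HOSTS`, `DEFAULT_LANDING` and the in-memory `_pending` store are assumptions for illustration.

```python
import base64
import secrets
import zlib
from urllib.parse import urlencode, urlsplit

ALLOWED_HOSTS = {"sp.example.com"}          # assumption: hosts the SP may redirect to
DEFAULT_LANDING = "https://sp.example.com/"  # assumption: fallback page
_pending = {}  # token -> return URL; a real SP would keep this in the user's session


def is_safe_return_url(url):
    """Accept only https URLs on the SP's own hosts (prevents open redirects)."""
    parts = urlsplit(url)
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS


def build_sso_redirect(idp_sso_url, authn_request_xml, return_url):
    """Build the SP-initiated redirect URL; returns (url, relay_state_token).

    Assumes idp_sso_url carries no query string of its own.
    """
    if not is_safe_return_url(return_url):
        return_url = DEFAULT_LANDING
    token = secrets.token_urlsafe(32)        # 43 characters, well under 80 bytes
    _pending[token] = return_url
    # HTTP-Redirect binding encoding: raw DEFLATE, then base64, then URL-encoding.
    deflater = zlib.compressobj(wbits=-15)
    deflated = deflater.compress(authn_request_xml.encode()) + deflater.flush()
    query = urlencode({
        "SAMLRequest": base64.b64encode(deflated).decode(),
        "RelayState": token,
    })
    return f"{idp_sso_url}?{query}", token


def resolve_relay_state(relay_state):
    """Call at the ACS endpoint, after the SAML response has been validated.

    Unknown, replayed, empty or IdP-substituted values fall back to the default.
    """
    url = _pending.pop(relay_state or "", None)  # pop makes the token single-use
    if url is None or not is_safe_return_url(url):
        return DEFAULT_LANDING
    return url
```

Logging the cases where `resolve_relay_state` falls back makes it easy to see when the IdP returns something other than the value the SP sent.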