Spring SAML to make a direct SOAP call to the Identity Provider

299 views Asked by At

I am new with the extension, so I've been reading the documentation which in one part stays "Usage of HTTP-Artifact binding requires Spring SAML to make a direct SOAP call to the Identity Provider". please, fix me if I am mistaken: Does it mean that it is possible to send a SOAP message to identity provider to do authentication, avoiding the need for redirecting to the IDP login page?. if it does not, what is this feature for?.

Is this something related to /saml/SSO/ endpoint?

Thank you very much.

1

There are 1 answers

0
Vladimír Schäfer On

HTTP-Artifact binding is used to deliver SAML message from IDP to SP. It avoids delivery through user's browser (which is the case with HTTP-POST binding), so the SAML is only exchanged between the servers.

There is no standard way to authenticate using SOAP with SAML 2.0 WebSSO profiles.