Skip to main content

Create SAML Login Redirect

curl -X POST https://your-domain.com/recipe/saml/login \
  -H "Content-Type: application/json" \
  -d '{
    "clientId": "my-saml-client",
    "redirectURI": "https://myapp.com/auth/callback",
    "state": "optional-state-parameter",
    "acsURL": "https://myapp.com/recipe/saml/acs"
  }'

{
  "status": "OK",
  "ssoRedirectURI": "https://idp.example.com/sso?SAMLRequest=encoded-request&RelayState=state"
}
clientId
string
required
The SAML client ID configured in your application
redirectURI
string
required
The URI to redirect to after successful authentication. Must be in the client’s redirectURIs list
state
string
Optional state parameter to maintain state between request and callback
acsURL
string
required
Assertion Consumer Service URL where IdP will POST the SAML response
status
string
“OK” or “INVALID_CLIENT_ERROR”
ssoRedirectURI
string
The complete SSO URL to redirect the user to for authentication with the IdP. This URL includes the encoded SAML authentication request and relay state

Usage

After receiving the ssoRedirectURI, redirect the user’s browser to this URL. The user will authenticate with the Identity Provider and be redirected back to your application’s callback endpoint.
Example
// Frontend example
fetch('/recipe/saml/login', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    clientId: 'my-saml-client',
    redirectURI: 'https://myapp.com/auth/callback',
    state: 'random-state-value',
    acsURL: 'https://myapp.com/recipe/saml/acs'
  })
})
.then(res => res.json())
.then(data => {
  if (data.status === 'OK') {
    window.location.href = data.ssoRedirectURI;
  }
});

Build docs developers (and LLMs) love

Get started for freeTalk to us