idp
Last updated on
11 Jan 2022
Description
Verify the integrity of the SAML response from the server.
Syntax
ProcessSAMLResponse(idp, sp)
Parameters
|
Name of the Identity Provider. |
sp |
Name of the Service provider. |
The response struct returned by ProcessSAMLResponse contains the following important fields:
SSO response
- AUTHENTICATED - A boolean value that tells us if the user was successfully authenticated at the IdP
- NAMEID - The username (or) email used for authentication
- NAMEIDFORMAT - Describes the format of the NAMEID field for further processing
- ATTRIBUTES - A list of attributes configured with the user at the IdP. May include First Name, Last Name, Permissible roles, etc
- RELAYSTATE - A string token that is attached with the request. On succesful authentication with the IdP, this token is sent back in the SAMLResponse so that the user can be redirected to any page once authentication is done.
SLO response
- SUCCESSFULLOGOUT - A boolean value that indicates whether the user's global session at the IdP was successfully destroyed
Example
<cfset RespStruct = "#ProcessSAMLResponse("idp1", "sp1")#"> <cfdump var="#RespStruct#"> <cfif RespStruct.AUTHENTICATED> <cflogin> <cfloginuser name="#RespStruct.NAMEID#" password="" roles="#ArrayToList(RespStruct.ATTRIBUTES)#"> </cflogin> </cfif>