Redirect_url does not work on SSO


we use to pass the redirect_url user reach to before login so user will be redirected to that location right after login.

on user-password scenario it works, but for SSO we’ve noticed it doesnt.
when trying to debug it seems like when user redirected to the custom login page the request to the login page includes redirect_uri flag which indeed includes callback path with url flag with the original location.

when clicking the SSO button on our custom login page, we do send this redirect_uri flag but seems like its being discarded on the IDP side and user being redirected to main page.

i’ve noticed there is an option on the saml configuration on Auth0 , under IDP-initiated-sso to define query_String which is the redirect_url and when doing that with ?url=xxx and running the SSO flow, the user is indeed being redirectd to whats written on the url and not to the main page.
the thing is, this option requires hard coded value.
how can it work with dynamic value?

i thought the way is using ‘upstream parameter’ but its not seems the directiion.

any idea?
i assume its not a rare question.


Have you tried with RelayState ? It is an standard mechanism for passing opaque data to the IDP and you want to get back with the token. It is usually passed in the query string for SAML 2.0