SSO SAML failing with Auth0 as Identity Provider - Missing RelayState in SAML response

marcelina.barycka · January 11, 2024, 12:51pm

Were you able to move forward with your SAML integration?

I went ahead and also consulted our SAML engineering team - and the RelayState has to be provided by SP along with the request to the Identity Provider Login URL . The exact string (URL decoded) will be returned as RelayState with the SAML response.

Suppose the application has the Identity Provider Login URL: https://test.local.dev.auth0.com/samlp/3h9qAQsqC4H9Uhhj4MnYiq3kkaG2qPYe
If the request made to Auth0 is
https://test.local.dev.auth0.com/samlp/3h9qAQsqC4H9Uhhj4MnYiq3kkaG2qPYe?RelayState=https%3A%2F%2Fsso.ringcentral.com%2Fsp%2FACS.saml2

The returned response will be

*SAMLResponse: <encoded string>
*RelayState: https://sso.ringcentral.com/sp/ACS.saml2*

My advice would be to try with the https://sso.ringcentral.com/sp/ACS.saml2 as the RelayState and have this URL set as the Allowed Callback URLs in your Auth0 tenant → Applications → ringcentral → Settings → Allowed Callback URLs.

Hope this helps! Your feedback would be appreciated!

Topic		Replies	Views
Static RelayState for SAML Application in Auth0 - IdP Initiated Get Help configuration , application	5	3354	June 5, 2024
How to add default relay state in Auth0 SAML application? Get Help saml , login-experience , protocols	1	1874	October 3, 2023
Wrong RelayState with Auth0 as IDP Get Help	2	4359	October 15, 2020
Auth0 as Service Provider returning SAML Response instead of Auth0 IDToken Get Help sso , application	2	1559	August 20, 2023
Wrong RelayState parameter received in the Get Help	4	5232	July 26, 2019

SSO SAML failing with Auth0 as Identity Provider - Missing RelayState in SAML response

Related topics