I have almost the same situation as described in this post (https://www.componentspace.com/Forums/11054/Setup-Customer-Testing-of-Idp-Configuration)Short explanation
There is a Services Provider application;2.
There is a feature that allows users to configure information about IdentityProvider manually or using metadata xml file;3.
There are InitiateSingleSignOn
It is necessary to implement functionality that will allow the user to test
the correctness of the configuration.
Based on the attached forum post, testing could be performed by Initiating SSO from another browser tab.
In this case, IdP will send a response to AssertionConsumerService
endpoint where we need to know that this call comes from Test
action and not from real SSO process. So, is there a way to handle when testing is performed on not? In addition, is there a ComponentSpace build-in solution for testing such behavior?
Some ideas about it:
1. Send serialized object with information (bool IsTest at least) as relayState
and work with it in AssertionConsumerService
to understand if this is response come from test request;2. Create TestInitiateSingleSignOn and TestAssertionConsumerService and provide information about these endpoints to a user with a disclaimer that this configuration has to be used only for testing.
Best regards, Dmitry!