Jump to content

Custom SAML Login Handler


Recommended Posts

Good Morning,

I'm developing a custom login handler using OneLogin's PHP SAML library.  The way that saml works is the user clicks a button to login -> redirected to the login page -> login page realizes user needs to login, builds a SAML request and redirects to the Identity Provider (IDP) -> User Logs in -> User is redirected back to an "assertion consumer" page which consumes either HTTP POST or GET XML containing the login information.

I have the button handler setup and the login redirect is working thanks to the documentation Invision provides.

My question is how do I create a custom Assertion Consumer URL (Example: https://mysite.com/AssertionConsumer) that can decrypt the SAML assertion?  It almost seems as if I need a separate php page that loads the invision session information, but I wasn't sure.  My current assumption is that I'll need to create a plugin (or maybe application since it's not extending any existing app functionality?), but I wanted to ask before I went down that path.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...