I'm trying to integrate with OneLogin SAML login. I'm just wondering if each identity provider uses the same SAML endpoint across all users?

My current structure would prefer not to collect any information from the user and instead to redirect to the SAML endpoint based on the user's selection of which SAML login they would like to authenticate with. So in our database we will have all the supported IdPs' SAML endpoints (assuming each of them is the same), hence there is no need for additional information from the user, such as an email address, to retrieve the SAML endpoint, if that's possible.

1 Answer

The SAML endpoint you send users to for authentication by their IdP is the same for all users of that IdP. Each IdP will have a different SAML endpoint.

In your database, you'd need to store the SAML entityID (IdP) associated with each user and look up the SAML endpoint from the SAML metadata for that entityID, as, if the metadata changes, the endpoint may change too, but the entityID won't normally change.
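The lookup the answer describes (store only the entityID per user, resolve the SingleSignOnService URL from the IdP metadata at login time), as an added example that is not part of the original answer. The metadata document, entityIDs and URLs below are constructed for illustration; in production the metadata should be fetched from a trusted source and its signature verified before it is parsed.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample metadata for two hypothetical IdPs (not real endpoints).
SAMPLE_METADATA = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
  <md:EntityDescriptor entityID="https://idp-a.example.org/saml/metadata">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
          Location="https://idp-a.example.org/saml/sso/post"/>
      <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
          Location="https://idp-a.example.org/saml/sso/redirect"/>
    </md:IDPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://idp-b.example.org/saml/metadata">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
          Location="https://idp-b.example.org/sso"/>
    </md:IDPSSODescriptor>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def index_sso_endpoints(metadata_xml):
    """Map entityID -> {binding: location} for every IdP in the metadata."""
    root = ET.fromstring(metadata_xml)
    # The document may be a single EntityDescriptor or an EntitiesDescriptor wrapping many.
    if root.tag == "{%s}EntityDescriptor" % NS["md"]:
        descriptors = [root]
    else:
        descriptors = root.findall("md:EntityDescriptor", NS)
    index = {}
    for ed in descriptors:
        endpoints = {}
        for sso in ed.findall("md:IDPSSODescriptor/md:SingleSignOnService", NS):
            endpoints[sso.get("Binding")] = sso.get("Location")
        if endpoints:  # skip entities that are not IdPs (e.g. SP-only descriptors)
            index[ed.get("entityID")] = endpoints
    return index


def sso_endpoint_for(entity_id, index, preferred=(REDIRECT, POST)):
    """Resolve the SSO URL for the entityID stored against a user, preferring HTTP-Redirect.

    Returns (binding, location), or None if the entityID is unknown or has no usable binding."""
    endpoints = index.get(entity_id)
    if not endpoints:
        return None
    for binding in preferred:
        if binding in endpoints:
            return binding, endpoints[binding]
    return None
```

Re-running `index_sso_endpoints` whenever the metadata is refreshed keeps the stored entityIDs valid even when an IdP moves its endpoint.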