We are implementing service provider initiated SSO. Below is a sample SAML.config. Now when the InitiateSSO call is made, the SingleSignOnServiceUrl is picked up based on the PartnerIdentityProviderName passed to the InitiateSSO call. I believe the first service provider tag containing the attribute ‘AssertionConsumerServiceUrl’ is required only for IdP initiated SSO. But when we remove that tag, the call to the InitiateSSO function gives the exception “A local identity or service provider must be configured”. Preferably we would like to remove that tag since it is unused.
Please advise.
<ServiceProvider Name="SP1"
                 AssertionConsumerServiceUrl="/Login.aspx"
                 LocalCertificateFile=""
                 LocalCertificatePassword=""/>
<PartnerIdentityProvider Name="Development"
                         SignAuthnRequest="false"
                         WantSAMLResponseSigned="false"
                         WantAssertionSigned="false"
                         WantAssertionEncrypted="false"
                         SingleSignOnServiceUrl="some url"
                         SingleLogoutServiceUrl="some url"
                         SingleLogoutServiceBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                         SingleSignOnServiceBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                         OverridePendingAuthnRequest="false"
                         PartnerCertificateFile=""/>
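
An added example, not part of the original post and not ComponentSpace code: a small Python audit of a SAML.config that reports the missing local provider element behind the quoted exception and flags partner identity providers for which neither the SAML response nor the assertion has to be signed. The `SAMLConfiguration` root element, the sample URL and the function names are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring the attributes in the post; the root element
# and the URL value are assumptions made for this example.
SAMPLE = """<SAMLConfiguration>
  <ServiceProvider Name="SP1" AssertionConsumerServiceUrl="/Login.aspx"
    LocalCertificateFile="" LocalCertificatePassword=""/>
  <PartnerIdentityProvider Name="Development"
    SignAuthnRequest="false" WantSAMLResponseSigned="false"
    WantAssertionSigned="false" WantAssertionEncrypted="false"
    SingleSignOnServiceUrl="https://idp.example/sso" PartnerCertificateFile=""/>
</SAMLConfiguration>"""


def local(tag):
    """Element name without any '{namespace}' prefix."""
    return tag.rsplit("}", 1)[-1]


def is_true(elem, attr):
    """True when a boolean attribute is present and set to 'true'."""
    return elem.get(attr, "false").strip().lower() == "true"


def audit(config_xml):
    """Return a list of findings for a SAML.config document."""
    elems = list(ET.fromstring(config_xml).iter())
    findings = []
    # The post reports InitiateSSO failing when no local provider is configured.
    if not any(local(e.tag) in ("ServiceProvider", "IdentityProvider") for e in elems):
        findings.append("no local ServiceProvider or IdentityProvider element")
    for idp in elems:
        if local(idp.tag) != "PartnerIdentityProvider":
            continue
        name = idp.get("Name", "?")
        signed = is_true(idp, "WantSAMLResponseSigned") or is_true(idp, "WantAssertionSigned")
        if not signed:
            findings.append(f"{name}: neither response nor assertion signature required")
        elif not idp.get("PartnerCertificateFile", "").strip():
            # Assumption: only PartnerCertificateFile is checked here; other
            # ways of supplying the partner certificate are not considered.
            findings.append(f"{name}: signature required but PartnerCertificateFile is empty")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run against the configuration as posted, the audit reports the `Development` partner because all three `Want...` flags are `false` and no partner certificate is set.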