Validate list of Destination in SAMLResponse

Our SSO app has different domain names (,, etc) and all point to same instance.
Hence ACS URL is different for each domain and I’m able to configure multiple SAML Configurations for each domain.

In SP-init SSO, the ACS URL in SAMLRequest is and in SAMLResponse the Destination URL is There is a mismatch and ComponentSpace throws below exception:

[ERR] Saml Service Provider exception on RecieveSsoAsyncComponentSpace.Saml2.Exceptions.SamlProtocolException: The SAML response destination doesn’t match the local provider name or URL. at ComponentSpace.Saml2.SamlProvider.CheckDestination(StatusResponseType samlResponse, String destinationName, String destinationUrl) at ComponentSpace.Saml2.SamlServiceProvider.ProcessSamlResponseAsync(XmlElement samlResponseElement) at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync() at Identity.Service.Controllers.SamlController.AssertionConsumerService() in /tmp/Identity.Service/Controllers/SamlController.cs:line 93

So, my question: Is it possible to validate a list of Destination URL in SAMLResponse by ComponentSpace?


Please enable SAML trace and send the generated log file as an email attachment to mentioning your forum post.

Once the log has been captured and as a temporary fix, disable the destination check by setting the following in your PartnerIdentityProviderConfiguration:

“DisableDestinationCheck”: true