ArjunDhar
SAML 2 : Does IdP need to be on Public domain
Hi,
For SAML 1.1 it is necessary for the IdP (Identity Provider) to communicate with the SP (Service Provider); SF docs also mention that the IdP should be on a public domain (not just IP).
However, for SAML 2, which is SP first (SP = Salesforce / SF in this case), I wanted to have a localhost implementation of SSO server + SAML. Is it practical to consider this testing scenario, since all requests are routed through the browser as per SAML 2.0 afaik?
Someone please shed some light on this... am having a tough time setting up to test this stuff out.
Yes - a local (private) test IdP works fine. As you say, since all communication goes via your browser (HTTP Redirect or POST) then as long as your browser can resolve the hostnames, it will work as expected.
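
The SP-initiated flow the answer describes, as an added sketch that is not part of the original thread: the SP only encodes an AuthnRequest into a redirect URL (SAML 2.0 HTTP-Redirect binding) and never opens a connection to the IdP itself, so the IdP hostname only has to resolve in the browser. The localhost IdP endpoint, the SP entity ID and the ACS URL are placeholder assumptions.

```python
import base64
import zlib
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed values for a local test setup (placeholders, not from the thread).
IDP_SSO_URL = "http://localhost:8080/sso"   # hypothetical IdP on the tester's machine
SP_ENTITY_ID = "https://sp.example.com"     # hypothetical SP entity ID
SP_ACS_URL = "https://sp.example.com/acs"   # hypothetical assertion consumer URL


def build_authn_request(request_id, issue_instant):
    """Minimal unsigned AuthnRequest as the SP would issue it."""
    return (
        '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'ID="{request_id}" Version="2.0" IssueInstant="{issue_instant}" '
        f'Destination="{IDP_SSO_URL}" AssertionConsumerServiceURL="{SP_ACS_URL}">'
        f"<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer>"
        "</samlp:AuthnRequest>"
    )


def sp_login_redirect(xml, relay_state):
    """SP side: raw DEFLATE, base64, URL-encode, then answer with a 302.

    The SP makes no network call to the IdP; it only hands the browser a URL.
    """
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # -15 = raw DEFLATE, no header
    deflated = comp.compress(xml.encode("utf-8")) + comp.flush()
    query = urlencode({
        "SAMLRequest": base64.b64encode(deflated).decode("ascii"),
        "RelayState": relay_state,
    })
    return 302, {"Location": f"{IDP_SSO_URL}?{query}"}


def idp_receive(url):
    """IdP side: reverse the encoding of the request the browser delivered."""
    params = parse_qs(urlparse(url).query)
    deflated = base64.b64decode(params["SAMLRequest"][0])
    return zlib.decompress(deflated, -15).decode("utf-8"), params["RelayState"][0]


if __name__ == "__main__":
    request = build_authn_request("_constructed-id-1", "2024-01-01T00:00:00Z")
    status, headers = sp_login_redirect(request, "/home")
    print(status, headers["Location"][:60] + "...")
    print(idp_receive(headers["Location"])[0])
```

The IdP's response travels the same way in reverse: the browser POSTs it to the SP's assertion consumer URL, so that URL must be reachable from the browser.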