Does SAML Assertion policy can accept assertion xml in request.forparam

anonymous · January 31, 2017, 11:41pm

I have a proxy endpoint which is currently in use in production and doing the session validation by accepting the session as part of request.formparam.

Now I want to enhance this endpoint in order to validate the SAML assertion as well. From the SAML Assertion policy documentation, I came to know that the built-in support is for SOAP inbound request.

How can I design my existing endpoint to accept the SAML assertion like below and make it compatible with SAML validation policy?

POST /existingEndPoint HTTP/1.1

Content-Type: application/x-www-form-urlencoded

grant_type=SAML&saml_assertion=

Any sample APIs would be really helpful. Thanks!

anonymous · February 1, 2017, 12:21am

sure it can. In such cases the saml assertion is usually base64 encoded. You’d want to decode it first.

anonymous · February 1, 2017, 12:44am

Thanks for your response. How can I provide that to xpath of the SAML validation policy?

Topic		Replies	Views
Grant Type for SAML Apigee api-runtime	2	12	July 3, 2015
ERROR_PARSING_PAYLOAD error in Validate SAML Assertion policy Apigee api-runtime	6	45	February 6, 2017
can anybody explain the usage of SAML Assertion policy in Apigee edge with an example in detail? Apigee api-runtime	1	7	June 21, 2016

Does SAML Assertion policy can accept assertion xml in request.forparam

AI Suggested topics