Why does '&SAMLRequest' get appended to my ADFS entrypoint URL?

I am using adfs IDP and saml for sso using passport-saml.

My entry point is as follows:

https://<domain-name>/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://<domain-name>/saml/metadata

When I give this URL, the adfs sso login page loads fine, but when I run the application, &SAMLRequest gets appended with this URL:

https://<domain-name>/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https%3A%2F%2F<domain-name>%2Fsaml%2Fmetadata&SAMLRequest=nVNBbtswEPyKwLskS0lQh7BsODaKGkhbw1Z76CVgyJVDgCJV7ipxfl9KtgIfGh18IrA7HM7OLGeLY22iV%2FConS1YlkzYYj5DUZuGL1t6sTv42wJSFGAWed8oWOstdwI1citqQE6S75ffH3meTHjjHTnpDIs264I93cL09uY5z%2FPptMrvIBdimrHo9%2FBguBGAiC1sLJKwFEqT7EucZXGWl%2FmE5xm%2FuUvus%2Fs%2FLNqeqR%2B0VdoexnU8n0DIv5XlNt7%2B3JcsWiKCp%2FDwyllsa%2FB78K9awq%2FdY8FeiBrkaao7IdK4VlXaACbS1SxaBw%2B0FdSLHkGmQlWYGkw3qtlYTVoQqL0%2BWGcTgc1xYdxB29LtmmKMpfM5rYGEEiTYKRDe2%2BQvkhg3QAzDsrlxUpgYjo0HxBgsaXqPtZqlF7xD6j8C0Wa9dUbL92tS%2F%2Bp8LehzdJZkfUWruOqhHGqhzVKpTlzIyBj3tvIQjCsY%2BRZYOkg77yKofjNDhgTHqzZz5epGeI1dmHAUkgaLL4lXJji4g%2Boaw0dhksuOOpS34XhzXnWLDTIMVnphsXGeztH8T8%2F81PvEjo%2Fu5e%2Bd%2FwM%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=EdEYkblB2aOEWvoeMtmWVOkeePocMAeRu2gGBRWrjyQvx%2BEP8eekHSb4IQwodJIui%2BXw%2F%2B0ziKD%2FmwFgaIlFhmWa3ZXpiluzhG8OjK2CaH1trnXNrZM3L%2FYANlXwVl2Z4WF4GF8EP7tmIci8XxFrdP%2Fz3EZ2rlCRdELJV%2FK9wNUUiMFF6FLdExcvZieb5ug15I9wynZndhzAZL46f3cjPvMpsJ9oekR8OKIejXmYOevW0OMq%2BbGGipHKE6B1WwTSaPWGrhdEYPSTHvKpmWrz%2F%2FDscCdF9zLqv%2FGY7TgMhTg9FtlfeQ2jnqeaABBilgYaF4B5zLfCGKk5BmxqwzazGg%3D%3D

The & symbol causes the page to load with an error, but when I replace this symbol with any other symbol, the page loads fine. Why is that, and how can I fix it?

Screenshot of error

1 answer

  • answered 2017-11-13 18:59 nzpcmad

    loginToRp is supposed to be the name of the application but you have set it to metadata?

    The point is to avoid asking the user to pick an application because you have already specified it.