SP initiated flow with Azure AD

mohammed_ajmal · November 17, 2022, 9:38am

I have integrated AWS Quicksight application with Azure AD. I have provided necesssary attributes such as role , RolesessionName, Principal Tag.
When I try to test connection from Azure (Idp iniated flow) I am able to reach AWS console. However after I give signon URL as below for SP initiated flow
“https://eu-central-1.quicksight.aws.amazon.com/sn/start”

.
After redirecting to Azure AD, Im getting the error

AADSTS750045: SAML Request or SAML response must be present as query string parameters in HTTP request for SAML Redirect binding.

Did anyone face the same issue and able to resolve it for SP initiated flow with Azure AD

robkc · November 17, 2022, 2:34pm

Hi @mohammed_ajmal

You want to leave the Sign on URL blank and use the Relay State attribute to direct where to go once sign in is complete.

You’ll see in my screenshot below I redirect the users to the favorites page.

Let me know of this helps.

mohammed_ajmal · November 18, 2022, 11:03am

Thanks it worked , but ideally signon Url option given in Azure AD portal is to add the service that initiates the SP initiated flow but anyhow its working in desired away.
Thanks robkc