Introduction



The ability to generate RelayState in AD FS 2.0 was added in Rollup 2.  To do this you must run through the following process.

  • URL Encode the relying party's identifier
  • URL Encode the RelayState to send
  • Take both values of both, and add them to this string:

    RPID=<URL encoded RPID>&RelayState=<URL encoded RelayState>
  • URL Encode the entire string
  • Take that value and add it to the end of this string:

    ?RelayState=
  • Take that value and add it to the end of the IDP Initiated Signon URL.

    Ex: https://adfs.contoso.com/adfs/ls/idpinitiatedsignon.aspx?RelayState=<URL encoded string>

You can read more about the process here.  To simplify the process, an HTML file was created that uses JavaScript to generate the URL based on the following information

  • IDP URL String
  • Relying Party Identifier (RPID)
  • RelayState / Target Application



Download HTML file at CodePlex


https://adfsrelaystate.codeplex.com/releases/view/93202



AD FS 2.0 Rollup 2

http://support.microsoft.com/kb/2681584

 

Supporting Identity Provider Initiated RelayState

http://technet.microsoft.com/en-us/library/jj127245(WS.10).aspx