The ability to generate RelayState in AD FS 2.0 was added in Rollup 2.  To do this you must run through the following process.

  • URL Encode the relying party's identifier
  • URL Encode the RelayState to send
  • Take both values of both, and add them to this string:

    RPID=<URL encoded RPID>&RelayState=<URL encoded RelayState>
  • URL Encode the entire string
  • Take that value and add it to the end of this string:

  • Take that value and add it to the end of the IDP Initiated Signon URL.

    Ex:<URL encoded string>

You can read more about the process here.  To simplify the process, an HTML file was created that uses JavaScript to generate the URL based on the following information

  • IDP URL String
  • Relying Party Identifier (RPID)
  • RelayState / Target Application

Download HTML file at CodePlex

AD FS 2.0 Rollup 2


Supporting Identity Provider Initiated RelayState