- SP initiated SSO - SAML Request sent as a GET and not a POST
- Worry of risk issue using GET vs. POST
- BizX Platform
- We send the entire SAML Request as a GET and not a POST.
- We are compliant with the SAML standard. However, we do want to increase our customer confidence in our technology and would like to address any security issue they see
- Our future direction and strategy is to use IAS (Identity Authentication Service) as our IDP that connects to the customer IDP.
- IAS supports both GET and POST
- You can find more about the roadmap for IAS integration on the community :
- Single Sign On
- SP initiated
SAP SuccessFactors HCM Core all versions