SAP Knowledge Base Article - Public

2475720 - SP Initiated login - SAML Request sent as a GET and not a POST


  • SP initiated SSO - SAML Request sent as a GET and not a POST
  • Worry of risk issue using GET vs. POST


  • BizX Platform


  • We send the entire SAML Request as a GET and not a POST.
  • We are compliant with the SAML standard. However, we do want to increase our customer confidence in our technology and would like to address any security issue they see
  • Our future direction and strategy is to use IAS (Identity Authentication Service) as our IDP that connects to the customer IDP. 
  • IAS supports both GET and POST
  • You can find more about the roadmap for IAS integration on the community


  • Single Sign On
  • SSO
  • GET
  • POST
  • IAS
  • SP initiated
  • SAML
, KBA , LOD-SF-PLT-SSO , Single Sign-on , Product Enhancement


SAP SuccessFactors HCM Core all versions