I have SSO integration via SAML 2.0 IDP SSO working.. but SP initiated SSO is not working. I am setting the ssoStartPage in the assertion but the cookie isn't being set by SF.

 

<saml:AttributeStatement xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">      <saml:Attribute FriendlyName="ssoStartPage" Name="ssoStartPage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">           <saml:AttributeValue xsi:type="xs:string">http://sso.customer.com/sso/SSO?SPEntityID=https://saml.salesforce.com</saml:AttributeValue>       </saml:Attribute>

 

Ideas?

I haven't had much luck getting SSO to work with my SAML assertion. Has anyone got this to work? If so, what does your saml response look like?  I signed my assertion and I believe everything is correct, yet the login history gives me "Failed: Assertion Invalid"

Any ideas?

Thank you.