Postman is violating the SAML 2 specs

lunar-module-explor6 · October 19, 2023, 9:05pm

Postman requires a URL on the SAML SSO configuration page for entityID. This is a clear violation of the SAML 2 specifications, since the standard states clearly that an enityID is a URI, not a URL.

Can anyone tell me why this is, or what source SAML library/vendor is causing this?

For reference, the part of the SAML 2 spec I am referring to in regard to our EntityID is 8.3.6 of the OASIS SAML 2 core spec. Which can be found here:

 8.3.6 Entity Identifier

 ...The syntax of such an identifier is a URI of not more than 1024 characters in length...

system · November 18, 2023, 9:06pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SAML SSO Callback URL issue 🙋 Help authentication	1	1138	May 6, 2020
Is SAML supported by Postman? 🗣 General Discussion saml	2	198	June 29, 2024
I am not sure how to solve this output issue 🙋 Help authentication , json	2	420	October 5, 2022
Did I configure SSO correctly 🙋 Help azure , sso	1	1405	December 10, 2019
RFC 6749 / section-2.3.1 🗣 General Discussion oauth2	3	21	October 11, 2024

Postman is violating the SAML 2 specs

Related topics