SP initiated login to Salesforce ignoring RelayState

Question

The SAML configuration is in place and everything is working for IdP initiated. SP initiated however, simply directs users to the default F5 APM Webtop. The process ignores the RelayState parameter that is sent by the Service Provider (Salesforce.com). Salesforce is sending a URI as a RelayState parameter. So, it can be "/", "/00O/o" or some crazy long string. F5 will always send the user to the webtop. Using Fiddler, you can see that there is always a RelayState sent but the F5 always ignores it. Is there some way to manipulate this to have the HOST included in the parameter? Is there something mis-configured? Is this an SF or F5 issue?

schmuck · Answer

Looks like the issue was with the configuration on the Service Provider. The login URL was not configured as the F5 standard one, The RelayState was fine and never changed but after the login was configured to the above (on the SP), the RelayState was processed properly and everything just worked.

Forum Discussion

SP initiated login to Salesforce ignoring RelayState

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

OWA File Upload URIs for WAF Bypass

F5 AWAF/ASM learning only from Trusted traffic?

irule execution error

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

Proxy Protocol v2 Initiator

iRuleLX Solution for OAUTH JWT authenticated Salesforce Query

Proxy Protocol Initiator

Accelerate your AI initiatives using F5 VELOS

Dynamic , Variable RelayState in IdP initiated SAML SSO

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS