Writing a custom SAML script

You can write SAML response scripts in JavaScript in the Custom Logic area of the SAML Response page of a SAML application.

The custom SAML script specifies elements that must be present in the SAML assertion used to start the current user session with a web application. To write the script, you must know what SAML elements the web application requires. The script must retrieve required information from the web application’s profile and the user object, and must then specify the SAML elements and their values using assertion-set methods. After the script executes, the Privileged Access Service follows the script’s specifications to create a SAML assertion and its enclosing SAML response.

A SAML script is required for each application profile created using the custom SAML application template. To see examples of SAML scripts used to connect to web services, open the application profile for any SAML application in the Apps panel of Admin Portal. Click the SAML Response tab to see the application’s SAML script.

To assist with writing SAML response scripts, the SAML Script Editor includes a context-sensitive autocomplete feature.