What is the content of SMFED_TEMPORARY_STATE or FED_TEMPORARY_STATE cookie?

Document ID : KB000039777
Last Modified Date : 14/02/2018
Show Technical Document Details

Question: 

What is the content of SMFED_TEMPORARY_STATE or FED_TEMPORARY_STATE cookie?

 

Answer:

<SM>FED_TEMPORARY_STATE cookie contains the RelayState information that was sent by the Service Provider.

 

Additional Information: 

Service Provider (SP) initiated request will have the RelayState information in URL encoded format. SP will create a cookie with this RelayState information and it is called <SM>FED_TEMPORARY_STATE. The <SM> will be replaced with the sso zone name as configured at SP side. Then SP sends this authnrequest to IDP for authentication. After authentication, the IDP posts the assertion to the SP and this request will have the temp cookie. SP receives this cookie and finds the final target location (RelayState) after decrypting the cookie. This cookie will prevent any alteration/modification to the RelayState information.