What is Relay State?

From an Identity Provider perspective this is a way to Connect a user With a specific Service Provider, or Trusted Relying Party, in case you have configured Your IdP With several Service Providers.

Technet Article: http://technet.microsoft.com/en-us/library/jj127245(v=ws.10).aspx

Modify Your IdP Sign-in URL With a Relay State to pre-choose which Service Provider to use, instead of needing to choose among all Service Providers configured in Your IdP.

Tool for Modifying IdP Sign-in URL: https://adfsrelaystate.codeplex.com/releases/view/93202


From the Service Provider perspective, Relay State can be used in two different scenarioes.

1. Instead of using Custom URLs or some landing site that understand which Federation Service it should redirect the user to, we can take advantage of Relay State as mentioned abow by the Identity Provider.

2. When configuring EndPoint for Our Service Providers at Our Identity Provider, we can configure them URLs With Relay State, in case Your Service Provider doesn’t give you a custom URL or doesn’t have the ability to redirect you towards the necessary login site automaticly.


I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts