Customizing the SAML 2.0 login form

An identity provider can customize the default authentication login page with more contextual information.

When a user requests access to a single sign-on federation, the identity provider initiates single sign-on by authenticating the user. To authenticate the user, the identity provider uses a point of contact server to display a forms-based login page.

When an identity provider participates in multiple federations or hosts multiple partners in one federation, an administrator might want to customize the default login form.

To specify the contextual information to pass to the web reverse proxy login page, use the local management interface to update the Point of Contact profile. In the profile, edit the authentication.macros callback parameter. The value of this callback parameter is a list of comma-separated macros. Each macro represents a piece of contextual information.

To identity the macros you want to use, and to review the Point of Contact profile and its callback parameters, see:

• Supported macros for customizing an authentication login form.
• Callback parameters and values.
• Updating or viewing a point of contact profile.