SAML 2.0 page identifiers

The SAML 2.0 runtime can display HTML pages in response to events that occur during single sign-on requests. You can select which pages to display and also modify the pages.

Use HTML pages for the following purposes:

  • Displaying success and error messages to users
  • Asking users for confirmation
  • Sending SAML messages

You can customize these HTML pages so that they display what you want. These pages contain macros and are similar to other HTML pages in Security Access Manager. A macro is text in an HTML page that is replaced with context-specific information. For example, the macro @ERROR_MESSSAGE@ is replaced by text that describes the error that occurred.

You can find the SAML 2.0 pages in the local management interface using these steps:

  1. Click Secure Federation > Global Settings > Template Files.
  2. Expand the locale folder to locate a template file.

For example, the English version of the SAML consent_to_federate.html template is in C/saml20.

All of the available SAML 2.0 HTML pages are listed in the following table.

Table 1. SAML 2.0 HTML page identifiers and macros
Page identifier Description Macros and descriptions
saml20/consent_to_federate.html Displays during the SAML single sign-on flow whenever the service provider wants to federate the account at the identity provider with the account at the service provider.
@TOKEN:form_action@
The URL to which the SAML message is sent.
@TOKEN:SPProviderID@
The ID of the Service Provider.
@TOKEN:SPDisplayName@
The name of the Service Provider.
@TOKEN:IPProviderID@
The name of the Identity Provider.
saml20/logout_partial_success.html Displays whenever the SAML single log out flow completes with partial success.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@TOKEN:UserName@
The user name that performs the operation.
saml20/logout_success.html Displays whenever the SAML single log out flow completes successfully.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@TOKEN:UserName@
The user name that performs the operation.
saml20/nimgmt_terminate_success.html Displays whenever the SAML name identifier management terminate flow completes successfully.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@TOKEN:UserName@
The user name that performs the operation.
@TOKEN:PartnerID@
The ID of the partner.
saml20/nimgmt_update_success.html Displays whenever the SAML name identifier management update flow completes successfully.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@TOKEN:UserName@
The user name that performs the operation.
@TOKEN:PartnerID@
The ID of the partner.
saml20/saml_post_artifact.html Sends the SAML artifact to the partner for HTTP POST binding.
@TOKEN:form_action@
The URL to which the SAML message is sent.
@TOKEN:RelayState@
The RelayState.
@TOKEN:SamlMessage@
The SAML message.
saml20/saml_post_request.html Sends the SAML request message to partner for HTTP POST binding.
@TOKEN:form_action@
The URL to which the SAML message is sent.
@TOKEN:RelayState@
The RelayState.
@TOKEN:SamlMessage@
The SAML message.
saml20/saml_post_response.html Sends the SAML response message to the partner for HTTP POST binding.
@TOKEN:form_action@
The URL to which the SAML message is sent.
@TOKEN:RelayState@
The RelayState.
@TOKEN:SamlMessage@
The SAML message.
saml20/art_exchange_failed.html Displays whenever there is a failure during the SAML artifact resolution flow.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/authn_failed.html Displays whenever there is a failure during the SAML single sign-on flow.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_building_msg.html Displays whenever an outgoing SAML message is not constructed.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_decrypting_msg.html Displays whenever an incoming SAML message is decrypted.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_missing_config_param.html Displays whenever a SAML flow is run on a SAML federation with invalid configuration.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_parsing_art.html Displays whenever an incoming SAML artifact is parsed.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_parsing_msg.html Displays whenever an incoming SAML message is parsed.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_sending_msg.html Displays whenever an outgoing SAML message is sent.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_validating_art.html Displays whenever an incoming SAML artifact is validated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_validating_init_msg.html Displays whenever a SAML flow is initiated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_validating_msg.html Displays whenever an incoming SAML message is validated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/error_validating_msg_signature.html Displays whenever an incoming SAML message is signature validated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/invalid_art.html Displays whenever an incoming SAML artifact is validated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/invalid_init_msg.html Displays whenever a SAML flow is initiated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/invalid_msg.html Displays whenever an incoming SAML message is validated.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/logout_failed.html Displays whenever there is a failure during SAML single logout flow.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/nimgmt_terminate_failed.html Displays whenever there is a failure during the SAML name identifier terminate management flow.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.
saml20/nimgmt_update_failed.html Displays whenever there is a failure during the SAML name identifier update management flow.
@REQ_ADDR@
The URL of the request.
@TIMESTAMP@
The time stamp of the request.
@ERROR_MESSAGE@
The error message.
@EXCEPTION_STACK@
The stack trace of the error. Do not use this macro in a production environment.