Handling Post-Request in routes-configuration

I initiate a single-sign-on process from /sso. After signing in at the remote identity provider I get redirected to /asc with some post-data. But kirby response to the post request always with a 301 and i can’t process the post form-data.

Thanks in advance for any hints!

I have the following configuration:

	'routes' => [
		'pattern' => 'sso',
		'action' => function () {
			return startSSO();
		'method' => 'GET|POST',
		'pattern' => 'asc',
		'action' => function () {
			if (isset($_POST['SAMLResponse'])) {
				processSSOResponse(); // **never executed**
			} else {
				return go('/welcome');


Are you sure $_POST is not empty? What do you get when dump post data before isset?


You are right, @ahmetbora.

$_POST is empty. But the first request (POST) is still redirected via 301 to a second request (GET), which executed your dump-code. (Please see my first screenshot)

The data is transferred as »Form Data« for the first request (POST) :
Bildschirmfoto 2021-02-09 um 17.46.22

I use the OneLogin’s SAML PHP Toolkit and maybe the binding is also one part of the problem: php-saml/settings_example.php at b41ccc3c6e3386f31b7c333ca7cc45c3eddf5aec · onelogin/php-saml · GitHub

Oh, wait!

Looks like the 301 is coming from a redirect to https! I need to check this with my colleague from the identity provider.

We can close this thread. It was an issue on our end.