IdP-first flow information. and added propset id

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1437 44740490-163a-0410-bde0-09ae8108e29a

docs/simplesamlphp-googleapps.txt

@@ -7,7 +7,7 @@ Setting up a simpleSAMLphp SAML 2.0 IdP to use with Google Apps for Education
 	http://daringfireball.net/projects/markdown/syntax
 -->
 
-  * Version: `$Id: simplesamlphp-install.txt 1297 2009-02-23 09:03:26Z andreassolberg $`
+  * Version: `$Id$`
 
 
 

docs/simplesamlphp-idp-more.txt

 SimpleSAMLphp Identity Provider Advanced Topics
-===========================================
+===============================================
 
 <!-- 
 	This file is written in Markdown syntax. 
@@ -26,3 +26,17 @@ The attribute release consent is documented in a separate document.
 
   * [Documentation on the consent module](https://rnd.feide.no/content/consent-module)
 
+
+IdP-first flow
+--------------
+
+If you do not want to start the SSO flow at the SP, you may use the IdP-first setup. To do this, redirect the user to the SSOService endpoint on the IdP with one parameter `spentityid` that match the SP EntityId that the user should be logged into.
+
+Here is an example of such an url:
+
+	https://sp.example.org/simplesaml/saml2/idp/SSOService.php?spentityid=dev.andreas.feide.no
+
+When the IdP-first flow is used an extra parameter is needed in the `saml20-sp-hosted` metadata. This is the `RelayState` parameter that tells the SP which URL to redirect the user to after the user is successfully authenticated. This typically is the frontpage of your application. An example of this can be:
+
+	'RelayState' => '/',
+