diff --git a/.github/config/release-please-manifest-main.json b/.github/config/release-please-manifest-main.json
index 527bc4e..40753e3 100644
--- a/.github/config/release-please-manifest-main.json
+++ b/.github/config/release-please-manifest-main.json
@@ -1 +1 @@
-{".":"0.7.2"}
+{".":"0.7.3"}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d4e628a..dc148ff 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
+## [0.7.3](https://github.com/MalwareDataLab/autodroid-api/compare/v0.7.2...v0.7.3) (2025-07-16)
+
+
+### Bug Fixes
+
+* saml idp lookup ([a10174a](https://github.com/MalwareDataLab/autodroid-api/commit/a10174aa49bf525a4fdc1f276e576188569a2346))
+
 ## [0.7.2](https://github.com/MalwareDataLab/autodroid-api/compare/v0.7.1...v0.7.2) (2025-07-16)
diff --git a/package.json b/package.json
index d4c1b59..4f16a3f 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 "name": "autodroid-api",
 "author": "luizfelipelaviola ",
- "version": "0.7.2",
+ "version": "0.7.3",
 "main": "./src/index.ts",
 "license": "MIT",
 "engines": {
diff --git a/src/shared/infrastructure/saml/routes.ts b/src/shared/infrastructure/saml/routes.ts
index 070d88f..ed7136d 100644
--- a/src/shared/infrastructure/saml/routes.ts
+++ b/src/shared/infrastructure/saml/routes.ts
@@ -8,9 +8,6 @@ samlRouter.get(
 `${federationManager.BASE_SAML_PATH}/discovery`,
 (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
 if (req.query.idp) {
- if (req.session) {
- req.session.idpEntityID = req.query.idp as string;
- }
 federationManager.getPassport().authenticate("saml")(req, res, next);
 return;
 }
diff --git a/src/shared/infrastructure/saml/strategy.ts b/src/shared/infrastructure/saml/strategy.ts
index 52936d0..c3c0e44 100644
--- a/src/shared/infrastructure/saml/strategy.ts
+++ b/src/shared/infrastructure/saml/strategy.ts
@@ -356,11 +356,48 @@ class SamlFederationManager {
 done: (err: any, config?: any) => void,
 ) => {
 try {
- const entityID =
- (req.query.idp as string) || req.session?.idpEntityID;
+ let entityID = req.query.idp as string;
+
 if (!entityID) {
- return done(new Error("No IdP entityID provided"));
+ if (req.body?.SAMLResponse) {
+ try {
+ const samlResponse = Buffer.from(
+ req.body.SAMLResponse,
+ "base64",
+ ).toString();
+ const doc = new DOMParser().parseFromString(
+ samlResponse,
+ "text/xml",
+ );
+ const select = xpath.useNamespaces({
+ saml2: "urn:oasis:names:tc:SAML:2.0:assertion",
+ samlp: "urn:oasis:names:tc:SAML:2.0:protocol",
+ });
+
+ const issuerNodes = select("//saml2:Issuer", doc as any);
+ if (
+ issuerNodes &&
+ Array.isArray(issuerNodes) &&
+ issuerNodes.length > 0
+ ) {
+ const issuerText = issuerNodes[0].textContent;
+ if (issuerText) {
+ entityID = issuerText;
+ }
+ }
+ } catch (parseError) {
+ logger.warn(
+ "Failed to parse SAML response for entityID:",
+ parseError,
+ );
+ }
+ }
 }
+
+ if (!entityID) {
+ return done(new Error("IdP not supported"));
+ }
+
 const config = this.getConfig(entityID);
 return done(null, config);
 } catch (err) {
diff --git a/src/shared/infrastructure/saml/types.ts b/src/shared/infrastructure/saml/types.ts
index 76043de..29563d1 100644
--- a/src/shared/infrastructure/saml/types.ts
+++ b/src/shared/infrastructure/saml/types.ts
@@ -1,7 +1,6 @@
 import { Request } from "express";
 export interface AuthenticatedRequest extends Request {
- session: any;
 user?: any;
 }
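Review bot: In the strategy.ts hunk, the `//saml2:Issuer` query matches the first Issuer element anywhere in a SAMLResponse that has not been signature-checked yet, so the value that selects the IdP configuration is entirely sender-controlled. Anchoring the query to the response element, `select("/samlp:Response/saml2:Issuer", doc as any)` (the `samlp` prefix is registered but never used), and normalising the text with `entityID = issuerText.trim();` narrows what can steer the lookup. Because the routes.ts hunk drops the session record of the IdP chosen at discovery, the callback no longer ties the response to that choice; it is worth confirming that the config returned by `getConfig` pins the expected issuer and rejects an entityID that is not configured, which cannot be verified from here since `getConfig` is outside the hunk. A `typeof req.body.SAMLResponse === "string"` guard before `Buffer.from` would keep array or object bodies out of the decoder. The enclosing callback starts and ends outside the hunk.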