...
Like the rest of the IdP's views, these templates use the Velocity template language and can be fully overridden if desired. It's also possible to provide header and body content that will be inserted into the existing templates, which may be sufficient in many cases.
The particular bindings typically involved are the SAML1 and SAML2 POST bindings, and less commonly the SAML2 Artifact and POST-SimpleSign bindings.
...
In other words, to override templates/saml2-post-binding.vm, you can create a file named views/templates/saml2-post-binding.vm
(path relative to idp.home).
...
The two additions you can make to the default Velocity templates without replacing them are to add HTML markup (actually, Velocity Template Language, which can be a mix of standard HTML markup and Velocity statements) to the <head> section, and/or to add HTML(VTL) markup to the <body> section. You do that by creating one or both of the following files (again relative to idp.home):
views/templates/add-html-head-content.vm
views/templates/add-html-body-content.vm
Examples
Using "add-html-head-content.vm"
One reason you might want to add additional content to the Head section of the POST response page would be if you wanted to use something like Google Analytics (GA) to generate statistics about the usage of your Identity Provider, GA can provide the ability to generate useful statistics of how many logins are processed by your IdP, by SP etc. (Just keep in mind that GA will write out various cookies to the user's browser, and you probably want to read up about those cookies, how they are used, and what the default lifetime is for each. By including the appropriate directives, you can control the lifetime and usage of those cookies, at least to some extent.)
Here is sample content you could have for the "add-html-head-content.vm" file that would send info to GA every GA every time your IdP POSTed a response to the user's browser:
...