So far I can see angular calling an API and via component space we are integrating the sso. Can we invoke sso component space via angular??
Our SAML for ASP.NET Core product includes an Angular app demonstrating how it can participate in SAML SSO.
An ASP.NET Core backend app acts as the SAML service provider. Control is passed between the Angular app and ASP.NET Core app using HREFs and redirects rather than REST API calls.
The reason for this is that SAML is a browser based protocol. This means that all messages sent between the service provider (SP) and identity provider (IdP) sites are sent via the browser. For example, sending a SAML request from the SP to IdP results in a 302 HTTP response returned to the browser which then sends an HTTP Get with the SAML request query string to the IdP.
If instead you initiated SSO using a REST API call, the Angular app would somehow have to handle the 302 redirect as well as set-cookie headers etc. It’s much simpler to let the browser handle this correctly.
This isn’t a limitation in our software but rather how the SAML specification works.
I suggest taking a look at the SAML for ASP.NET Core product. The Examples Guide in the documentation folder walks you through the Angular app and the ExampleWebApi ASP.NET Core app which acts as the SP.