I am trying to consume a secure api, after authenticating using SAML with mutual TLS exchange.
Is there a sample using component space to achieve the same? Thanks
Do you mean you’re using SAML for SSO or is the SAML assertion a security token that’s part of the secure API?
Or is the mutual TLS exchange used to secure the API?
Could you elaborate on how SAML is involved with your secure API?
Thanks.
Sorry for not being clear, I think I am trying to break it down myself.
We are trying to SSO to one of our partners website from our ASP.NET website
Partner site uses, SAML authentication via API service and Mutual TLS authentication on https to make connection extra secure
I was wondering if I can do this with component space. Thanks.
Do you know what they mean specifically by an API service?
SAML SSO is a browser based protocol with SAML messages typically sent via the browser. It’s not an API service where the service provider (SP) site makes a web or REST API call to the identity provider (IdP) site.
If you were making an API call it would make sense to support mutual TLS authentication. However, for SAML SSO I’m not sure it does. For most SAML flows there’s no direct connection between the SP and IdP. HTTP connections are between the browser and the IdP or SP.