Hello, we are using the commercial library of yours in our Single Sign-On Service Provider solution. We have multiple clients that have their own Identity Providers and so far everything was straightforward. They provide us with their X.509 service provider certificate, URLs for signing in and out, and their entity Id.
In our Assertion Consumer Service, we simply call SAMLServiceProvider.ReceiveSSO to extract the information we need: the username provided by the identity provider and the token which is provided to them during the sign-on stage.
Now, a new client is joining us and they ask us if we support sign on with Azure Active Directory and if we support signing certificates that use a RSA 4096 bit public key. I am not sure how to answer this and I hope you can support me here.
We have clients that have their sign in / out URLs in Azure sites, but not in Azure Active Directory. As for the signing certificates, this is done internally in our library if I understand it correctly, so I am not sure what is supported here.
There shouldn’t be any issues with a 4096 bit key. We use the X509Certificate2 class to load certificates. We haven’t run into any issues with Azure AD certificates.