RequestUsername IdP Support

Hi.

Is there any documented list of what identity providers support the feature that auto-populates the username from the Subject/NameID into the username field of the identity provider (RequestedUsername in SsoOptions)? I’ve tested with ADFS and Google and did not see any results. I’ve also read on another post here that Okta does not support this.

Additionally, ADFS supports a ‘login_hint’ or ‘username’ field in the query string to auto-populate the username, is this a feature that is planned to be implemented at any point through this library or will it have to be done manually? I understand it’s not part of the spec but at this point, I don’t think any SAML IdP actually supports the spec the same way anyway and ADFS is a pretty common SAML IdP.

Thanks

Hi Steve
The NameID in the SAML authn request is the correct approach as per the SAML specification.
This is what we support through the RequestedUserName in the SSOOptions.
Unfortunately, many IdPs don’t support this.
I’m afraid we don’t have a list of which ones do.
We’re a little reluctant to add proprietary solutions to support different IdPs.
However, I agree that ADFS is a commonly used IdP and perhaps it makes sense to add support for its proprietary solution.
We’ll discuss this internally to see whether to add this support.
Of course, it’s supported now in the sense that the application can include query string parameters in the URL it supplies to our API.

[quote]
ComponentSpace - 11/14/2018
Hi Steve
The NameID in the SAML authn request is the correct approach as per the SAML specification.
This is what we support through the RequestedUserName in the SSOOptions.
Unfortunately, many IdPs don't support this.
I'm afraid we don't have a list of which ones do.
We're a little reluctant to add proprietary solutions to support different IdPs.
However, I agree that ADFS is a commonly used IdP and perhaps it makes sense to add support for its proprietary solution.
We'll discuss this internally to see whether to add this support.
Of course, it's supported now in the sense that the application can include query string parameters in the URL it supplies to our API.
[/quote]

Could you elaborate on how to include query string parameters in the URL supplied to the API? I'm not seeing where that's currently possible.

Task InitiateSsoAsync(string partnerName = null, string relayState = null, ISsoOptions ssoOptions = null);

ISsoOptions does not seem to have options for query string parameters either.

Sorry, I didn’t realize you were talking about ASP.NET Core.
I’ve moved the topic to the appropriate forum.
You can use the OnResolveUrl delegate to add the query string parameter to the URL.
For example:

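// QueryHelpers is in the Microsoft.AspNetCore.WebUtilities namespace.
_samlServiceProvider.OnResolveUrl += (samlEndpointType, url) =>
{
    // Only the IdP's single sign-on service URL gets the extra parameter.
    if (samlEndpointType == SamlEndpointType.SingleSignOnService)
    {
        // AddQueryString URL-encodes the name and value.
        return QueryHelpers.AddQueryString(url, "username", "johndoe@componentspace.com");
    }
    else
    {
        return url;
    }
};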

await _samlServiceProvider.InitiateSsoAsync(partnerName, returnUrl);
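
Added example, not part of the original post and not ComponentSpace code: in practice the username comes from the user rather than a constant, so this hypothetical helper (LoginHint.Append, a name assumed here) checks the value before appending it to the single sign-on URL. The length limit and the HTTPS-only check are assumptions of the example.

```csharp
using System;
using System.Linq;
using Microsoft.AspNetCore.WebUtilities;

// Hypothetical helper for use inside an OnResolveUrl handler, e.g.
//   return LoginHint.Append(url, "username", userName);
// The hint only pre-fills the IdP login form. It travels outside the SAML
// request, so the authenticated identity must still be taken from the
// SAML assertion that comes back, never from this value.
public static class LoginHint
{
    private const int MaxLength = 256; // assumed upper bound for a hint

    // Returns ssoUrl with the hint appended, or ssoUrl unchanged when the
    // hint or the URL is not usable.
    public static string Append(string ssoUrl, string parameterName, string userName)
    {
        var hint = userName?.Trim();

        // Skip empty, oversized or control-character values (CR/LF, NUL, ...).
        if (string.IsNullOrEmpty(hint) || hint.Length > MaxLength || hint.Any(char.IsControl))
        {
            return ssoUrl;
        }

        // Assumption: the partner's SSO endpoint is an absolute HTTPS URL.
        if (!Uri.TryCreate(ssoUrl, UriKind.Absolute, out var uri) ||
            uri.Scheme != Uri.UriSchemeHttps)
        {
            return ssoUrl;
        }

        // Do not add a second copy if the configured URL already carries it.
        if (QueryHelpers.ParseQuery(uri.Query).ContainsKey(parameterName))
        {
            return ssoUrl;
        }

        // AddQueryString URL-encodes the name and value and keeps any
        // existing query string and fragment intact.
        return QueryHelpers.AddQueryString(ssoUrl, parameterName, hint);
    }
}
```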