Hi Team,
I am using Componentspace.saml2 nuget in .net core 2.1 project. I am facing issues while verifying saml response token
I remember in .net framework supported componentspace library provides methods to verify and to check it is signed
SAMLAssertion.Find()
SAMLAssertionSignature.IsSigned()
SAMLAssertionSignature.Verify()
SAMLMessageSignature.IsSigned()
SAMLMessageSignature.Verify()
I am trying to do same in core supported componentspace library, these classes and methods are not available
And to get nameidentifier framework version has
new samlAssertion(xmlelement).Subject.NameID.NameIdentifier
this also i could n’t find in .net core version
Can you please help me find the way to verify the token and get the nameidentifier
Our recommendation is to use the ISamlServiceProvider.ReceiveSsoAsync method as this handles the signature verification as well as extracting the SAML name identifier.
This is demonstrated by the ExampleServiceProvider project.
Is there a reason you wish to handle this yourself?
[quote]
[/quote]
Thank you for the response, Can you please provide the ExampleServiceProvider project link
The example projects and documentation are included with the evaluation download.
https://componentspace.com/SAMLv20-Core.aspx
[quote]
[/quote]
I thought I can use same saml token in our application for subsequent requests after authenticate with saml between API and angular application.
So in the requests between angular app to .net core api with saml token, I can not use RecevieSsoAsync method right
That's the reason I am trying to parse the token and get the subject email. Any suggestion ?
That’s not the recommended approach.
SAML assertions have a limited validity period and shouldn’t be re-used.
Instead, swap the SAML assertion for a JWT or cookie.
Our Angular example demonstrates authentication through SAML SSO followed by the creation of a JWT for web API authentication/authorization.
[quote][/quote]
That's not the recommended approach.
SAML assertions have a limited validity period and shouldn't be re-used.
Instead, swap the SAML assertion for a JWT or cookie.
Our Angular example demonstrates authentication through SAML SSO followed by the creation of a JWT for web API authentication/authorization.
SAML assertions have a limited validity period and shouldn't be re-used.
Instead, swap the SAML assertion for a JWT or cookie.
Our Angular example demonstrates authentication through SAML SSO followed by the creation of a JWT for web API authentication/authorization.
Can you please provide that example link
The previous link I sent includes a button for downloading a free evaluation zip which includes all the examples and the documentation.
Please take a look at the Example Guide PDF in the documentation for a walk-through of the Angular and web API examples.
[quote]
[/quote]
Hi Team,
Do you have any.net core API example or code which helps with multiple tenants in a single application?
configurations for multiple tenants and choosing the tenant dynamically
Multi-tenancy is supported with each tenant having a separate SAML configuration.
However, I’m afraid we don’t have any example projects.
The SetConfigurationIDAsync method is called prior to each SAML API call to select the correct SAML configuration for the tenant.
How you identify the tenant is left to the application.
Typically though the tenant is identified through the URL.
For example, each tenant has a different sub-domain or a unique query string parameter.