Can someone explain what are Signature value and x509 certificate nodes are used in entitydescriptor request. and how to validate the reponse
I presume by EntityDescriptor you’re referring to SAML metadata.
A element indicates the SAML metadata XML has been signed.
An under an or is a certificate associated with the identity provider or service provider.
For example, an under an is the certificate a partner service provider should use when verifying signatures generated by the identity provider.
Thank you for quick response
Yes i am referring to SAML metadata, can you please provide sample c# code to validate the response with X509certificate and retrieve parameter values from saml:atribute nodes
Do you mean when receiving a SAML response?
This is done by calling SAMLServiceProvider.ReceiveSSO.
This one API call will receive the SAML response, validate XML signatures, perform various other security checks, and extract the SAML attributes etc and make them available to your application.
The ExampleServiceProvider project in the Examples\SSO\HighLevelAPI\WebForms folder demonstrates calling this API.
Sections 10.1 of our Developer Guide PDF describes the ExampleServiceProvider and corresponding ExampleIdentityProvider projects.