Hello All,
For some reason when i run the ‘ExampleServiceProvider’ → ‘ExampleIdentityProvider’ it redirects to the login screen but does NOT automatically login (as I would think it should).
This is pretty much the vanilla high level examples out of the box. I would think the below code would also handle the login not just a redirect.
// To login at the service provider, initiate single sign-on to the identity provider (SP-initiated SSO).
string partnerIdP = WebConfigurationManager.AppSettings[AppSettings.PartnerIdP];
SAMLServiceProvider.InitiateSSO(Response, null, partnerIdP);
Do I need to use a different method to have the link redirect and login?
- Any help would be appreciated.
Adam
Hi Adam
When the ExampleServiceProvider calls SAMLServiceProvider.InitiateSSO, a SAML authn request is sent to the ExampleIdentityProvider’s SAML/SSOService.aspx endpoint.
The ExampleIdentityProvider is responsible for authenticating the user. In this example, the user is prompted to login if they haven’t previously logged in at the ExampleIdentityProvider.
Once authenticated, the ExampleIdentityProvider sends a SAML response to the ExampleServiceProvider which performs an automatic login using information supplied in the SAML response.
This demonstrates the typical SP-initiated SAML SSO flow.
The identity provider has to authenticate the user before completing SSO.
What SSO gives you is a single user login at the identity provider and automatic login at the service provider rather than two separate logins if SSO isn’t employed.
I had these backwards the example is working as expected.
IDP > SP
Ok, thanks.