SLO logout causing SAMLBindingException: No SAML message query string parameter in HTTP Redirect

SAML for ASP.NET
1

Hi,
I’m trying to work out what is missing.
I am Integrating with Freshdesk where I am the IDP.
Login works.
my SLOService method is a copy of \Examples\SSO\HighLevelAPI\MVC\MvcExampleIdentityProvider\Controllers\SAMLController.cs
but it throws this exception:

SAMLBindingException: No SAML message query string parameter in HTTP Redirect]
ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.ReceiveMessage(HttpRequestBase httpRequest, XmlElement& samlMessage, String& relayState, String& signatureAlgorithm, String& signature, Boolean& isRequest) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\Bindings\HTTPRedirectBinding.cs:1324
ComponentSpace.SAML2.AbstractSAMLProvider.ReceiveLogoutMessage(HttpRequestBase httpRequest, XmlElement& logoutMessageElement, String& relayState, String& signatureAlgorithm, String& signature, Boolean& isRequest) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\AbstractSAMLProvider.cs:84
ComponentSpace.SAML2.InternalSAMLIdentityProvider.ReceiveSLO(HttpRequestBase httpRequest, HttpResponseBase httpResponse, Boolean& isRequest, Boolean& hasCompleted, String& logoutReason, String& partnerSP, String& relayState) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLIdentityProvider.cs:894
ComponentSpace.SAML2.SAMLIdentityProvider.ReceiveSLO(HttpRequestBase httpRequest, HttpResponseBase httpResponse, Boolean& isRequest, Boolean& hasCompleted, String& logoutReason, String& partnerSP, String& relayState) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\SAMLIdentityProvider.cs:457
.Controllers.SAMLController.SLOService() in C:\Dev_\http\Controllers\SAMLController.cs:77
lambda_method(Closure , ControllerBase , Object[] ) +62
System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
______ snip _______

2

Freshdesk doesn’t support SAML logout.
The logout URL you configure in Freshdesk is redirected to when you logout.
This is a simple HTTP redirect rather than a SAML logout request.
In your application you probably want a different URL for non-SAML logouts and handle accordingly.