Hi,
Is there a way to validate a SAML token sent by other application to my application using ComponentSpace APIs?
I have 2 web applications App1 and App2.
App1 will initiate SSO and send SAML token to App2.
Now how App2 will validate that SAML token sent by App1 using ComponentSpace APIs?
Thanks,
Lokesh.
Do you mean you wish to validate the XML signature on a SAML assertion or SAML message?
If so, yes this is definitely supported.
Is your application acting as the service provider in browser-based SAML SSO?
If so, I suggest taking a look at the ExampleServiceProvider project that’s included. You’ll also find this described in our Developer Guide PDF.
When you call SAMLServiceProvider.ReceiveSSO, it will perform various security checks including validating the XML signature on the SAML assertion or SAML response.