Skip to Content

New SAML Features

The SAML component has had a lot of internal reworking to now target .NET Standard 2.0, providing both .NET Framework and .NET Core support. This updated component has been in preview since August and has had extensive customer testing of both existing functionality and new features. Notable new features include:

  • Added support for SAML assertion signing
  • Added support for SP-initiated logout
  • Redesigned SAML request and response generation
  • Major improvements to SAML message validation to mitigate clock skew
  • Simplified SP configuration

To get started with SAML support in IdentityServer4, check out our getting started guide.

WS-Federation

In December, we announced the availability of our WS-Federation component, that allowed IdentityServer4 to act as a WS-Federation Identity Provider.

This component is especially useful when integrating with relying parties such as SharePoint (the component includes support for both SAML 1.1 and 2.0 tokens), and when migrating your applications from Azure ACS, a service due to shutter in February.

Preview feedback has been extremely positive, and so we are now delighted to offer it for purchase.

To get started with WS-Federation support in IdentityServer4, check out our getting started guide.

Why Two Versions: 2.2 and 2.3?

Both the 2.2 and 2.3 versions of SAML, and WS-FED are being released at the same time. This is due to the recent strong naming of the IdentityServer4 libraries. As a result, version 2.2 cannot work with IdentityServer4 2.3, and version 2.3 cannot work with IdentityServer4 2.2. We don’t have any current plans to remove support for IdentityServer4 2.2 and 2.3; however, we recommend migrating to 2.3 once you get a chance.