Overriding Options Per Request

The Rock Solid Knowledge SAML SP component supports overriding service provider configuration options per challenge request using SamlChallengeProperties.

The following options are overridable per request:

ForceAuthentication: Sets the ForceAuthn attribute on generated SAML requests, requesting that the IdP re-authenticate the user
AllowedIdPs: An advisory list of identity providers that are deemed acceptable to respond to the authentication request
Subject: Sets the optional "Subject" element in the SAML authentication request. Details about this property can be found at Authentication Request Subject.

Usage

SamlChallengeProperties can be used to set configuration options for an authentication session.

HttpContext.ChallengeAsync("saml-idp", new SamlChallengeProperties
{
    AllowedIdPs = new List<string>
    {
        "urn:identityserver",
        "https://localhost:5000/saml/"
    }
});

Previous Next