Overriding Options Per Request | SAML2P Documentation

The Rock Solid Knowledge SAML SP component supports overriding service provider configuration options per challenge request using SamlChallengeProperties.

The following options are overridable per request:

ForceAuthentication: Sets the ForceAuthn attribute on generated SAML requests, requesting that the IdP re-authenticate the user
AllowedIdPs: An advisory list of identity providers that are deemed acceptable to respond to the authentication request
Subject: Sets the optional "Subject" element in the SAML authentication request. You can find details about this property at Login Hints.

Usage

The SamlChallengeProperties sets configuration options for an authentication session.

HttpContext.ChallengeAsync("saml-idp", new SamlChallengeProperties
{
    AllowedIdPs = new List<string>
    {
        "urn:identityserver",
        "https://local.idp"
    }
});

Previous Next