I am using IdentityServer4 for authentication in my ASP.NET Core solution, and it is working well with Facebook, Google and other external identity providers. Now I am trying to add SAML 2.0 authentication to the identity server using Sustainsys.Saml2 from https://github.com/Sustainsys/Saml2 and make it work as an external identity provider. (Customers of our site want to log in using their SAML identity provider through our IdentityServer, in the same way they can log in via Facebook, Google, etc.)
What I have now is the following:
sign in URL - https://sso.domain.com/saml/idp/profile/redirectorpost/sso
sign out URL - https://sso.domain.com/saml/idp/profile/post/sls
However, I cannot find documentation that describes how to set up the SAML 2.0 configuration in the IdentityServer4 Startup.cs file. I think the configuration should look like the following, based on the sample available at: https://github.com/Sustainsys/Saml2/blob/master/Samples/SampleAspNetCore2ApplicationNETFramework/Startup.cs
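    services.AddAuthentication()
        .AddSaml2(options =>
        {
            // Entity ID of this application in its role as SAML service provider (SP).
            options.SPOptions.EntityId = new EntityId("...");
            options.IdentityProviders.Add(
                new IdentityProvider(
                    // Entity ID of the external SAML identity provider (IdP).
                    new EntityId("..."), options.SPOptions)
                {
                    // Fetch the IdP's endpoints and signing keys from its metadata.
                    LoadMetadata = true,
                });
            // Certificate (with private key) that the SP uses for its own SAML messages.
            options.SPOptions.ServiceCertificates.Add(new X509Certificate2("..."));
        });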
In the sample there are two URLs.
What do these represent?
Can somebody tell me how to set up all the options for SAML2 in IdentityServer4?
There is a sample IdSrv4 in another branch: https://github.com/Sustainsys/Saml2/tree/netstandard/Samples/SampleIdentityServer4
There are working IdentityServer4 samples in https://github.com/Sustainsys/Saml2/tree/master/Samples
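A configuration sketch for the setup asked about, using the sign-in and sign-out URLs from the question; it is an added example, not code from either poster or from the Sustainsys samples. The helper name `AddCustomerSaml2`, both entity IDs, the certificate file names, the `SP_PFX_PASSWORD` variable and the choice of redirect binding are assumptions, and it sets the endpoints by hand on the assumption that the IdP's metadata is not loaded.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using IdentityServer4;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.DependencyInjection;
using Sustainsys.Saml2;
using Sustainsys.Saml2.Metadata;
using Sustainsys.Saml2.WebSso;

public static class CustomerSaml2Extensions
{
    // Hypothetical helper; call as services.AddAuthentication().AddCustomerSaml2();
    public static AuthenticationBuilder AddCustomerSaml2(this AuthenticationBuilder builder)
    {
        return builder.AddSaml2(options =>
        {
            // Hand the SAML result to IdentityServer's external cookie, the same
            // path the Google/Facebook handlers use, so the external callback runs.
            options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
            options.SignOutScheme = IdentityServerConstants.SignoutScheme;

            // PLACEHOLDER: entity ID this IdentityServer presents as a SAML SP.
            options.SPOptions.EntityId = new EntityId("https://your-identityserver.example/Saml2");

            // PLACEHOLDER: the customer IdP's entity ID, as supplied by the customer.
            var idp = new IdentityProvider(new EntityId("IDP-ENTITY-ID-PLACEHOLDER"), options.SPOptions)
            {
                LoadMetadata = false, // endpoints below are set by hand instead
                SingleSignOnServiceUrl = new Uri("https://sso.domain.com/saml/idp/profile/redirectorpost/sso"),
                SingleLogoutServiceUrl = new Uri("https://sso.domain.com/saml/idp/profile/post/sls"),
                Binding = Saml2BindingType.HttpRedirect, // assumption
                // Only accept responses to requests this SP started.
                AllowUnsolicitedAuthnResponse = false,
            };

            // Pin the IdP signing certificate: without metadata it is the only
            // trust anchor for assertion signatures. PLACEHOLDER file name.
            idp.SigningKeys.AddConfiguredKey(new X509Certificate2("idp-signing.cer"));
            options.IdentityProviders.Add(idp);

            // SP key pair for outgoing signed messages. PLACEHOLDER file; the
            // password is read from the environment rather than from source.
            options.SPOptions.ServiceCertificates.Add(new X509Certificate2(
                "sp.pfx", Environment.GetEnvironmentVariable("SP_PFX_PASSWORD")));
        });
    }
}
```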