ASP.NET as SAML identity provider
module provides a ready-to-use solution for SAML 2.0 login using ASP.NET
credentials. ASP.NET SAML IdP module acts as a SAML 2.0 identity provider
which can be configured to establish the trust between the ASP.NET application
and various SAML 2.0 supported service providers such as WordPress, Drupal,
Moodle and many more to securely authenticate the users using the ASP.NET
Steps to configure ASP.NET as SAML Identity Provider
The miniorange-saml-sso.dll file which will be required to put
in your application’s bin folder.
The saml.config file in the root directory of your application.
The integration.md file which contains the code to register the
module in your application. You will be required to add the following
code in your
web.config’s >> Configuration >> system.Webserver >> modules.
<add name="APIFilter" type="miniorangesamlsso.APIFilter"
After integration, open your browser and browse the module dashboard with
the URL below: https://<your-application-base-url>/?ssoaction=config
Register into the module.
2. Configure the ASP.NET SAML IDP Plugin
In the Database Connection tab, connect your application database
by providing the appropriate information and clicking the
Go to the Identity Provider Settings tab and provide the IdP
metadata to your service provider by downloading the metadata file or
copying it manually.
You will now be required to provide the service provider metadata to your
ASP.NET SAML IdP module.
Open the Service Provider Settings in your ASP.NET application
where you can provide these service provider metadata.
You can fill in the details manually or by using the
Upload SP Metadata
button. You will be able to upload all the metadata using a Metadata XML
file or a Metadata URL.
3. Code Integration
To send the details from ASP.NET to your service provider in the form of
SAML tokens first, we will be required to set the authenticated user details
in session variables.
Suppose, if you want to send user details like email address, username,
firstname, etc., you can put those details in session variables after your
authentication mechanism. Refer to the sample code below:
HttpContext.Session["Username"] = "<Authenticated_User_Username>";
HttpContext.Session["Email"] = "<Authenticated_User_Email>";
HttpContext.Session["Lastname"] = "<Authenticated_User_Lastname>";
Map these same session variables in the ASP.NET SAML IdP plugin so that
the plugin understands which session values needs to be sent actually in
the SAML tokens.
NameID is the default SAML attribute which you can set to the given
Once everything above is completed, you can initiate the SSO from your
.NET application using the following link for the authenticated user:
For example, you can use it as HTML anchor tag or HTML button on your site
after a user is authenticated on .NET application.
Not able to find your service provider? Mail us on
and we'll help you set up SSO with your SP and for quick guidance (via
email/meeting) on your requirement and our team will help you to select the
best suitable solution/plan as per your requirement.
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to firstname.lastname@example.org
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.