ASP.NET as SAML Identity Provider Setup Guide


The ASP.NET as SAML Identity Provider module provides a ready-to-use solution for SAML 2.0 login using ASP.NET credentials. It acts as a SAML 2.0 identity provider that can be configured to establish trust between the ASP.NET application and SAML 2.0 service providers such as WordPress, Drupal, Moodle and many more, so that users authenticate securely with their ASP.NET application credentials.

Steps to configure ASP.NET as SAML Identity Provider



1. Pre-requisites: Download & Installation

To install the module using the NuGet package, follow the steps given below:

  • Contact us for the ASP.NET SAML IDP NuGet package.
  • After integration, open the module dashboard in your browser at the URL below:
    https://<your-application-base-url>/?ssoaction=config
  • Register into the module.

2. Configure the ASP.NET SAML IDP Plugin

  • In the Database Connection tab, connect your application database by providing the appropriate information and clicking the Save button.
  • Go to the Identity Provider Settings tab and provide the IdP metadata to your service provider by downloading the metadata file or copying it manually.
  • Next, provide the service provider metadata to your ASP.NET SAML IdP module.
  • Open the Service Provider Settings in your ASP.NET application, where you can enter the service provider metadata.
  • You can fill in the details manually or use the Upload SP Metadata button, which accepts either a Metadata XML file or a Metadata URL.

3. Code Integration

To send user details from ASP.NET to your service provider in the form of SAML tokens, first set the authenticated user's details in session variables.

  • If you want to send user details such as email address, username or first name, put those details in session variables after your authentication mechanism. Refer to the sample code below:
    HttpContext.Session["Username"] = "<Authenticated_User_Username>";
    HttpContext.Session["Email"] = "<Authenticated_User_Email>";
    HttpContext.Session["Firstname"] = "<Authenticated_User_Firstname>";
    HttpContext.Session["Lastname"] = "<Authenticated_User_Lastname>";
  • Map these same session variables in the ASP.NET SAML IdP plugin so that the plugin knows which session values to send in the SAML tokens.
  • NameID is the default SAML attribute which you can set to the given values.
  • Once everything above is completed, you can initiate the SSO from your .NET application using the following link for the authenticated user: https://[Your-Application-Base-URL]/?ssoaction=idpinitiatedsso
  • For example, you can use it as an HTML anchor tag or HTML button on your site after a user is authenticated on the .NET application. <a href="https://base-url/?ssoaction=idpinitiatedsso">Login</a>
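
One way to populate and clear these session values in an ASP.NET MVC 5 controller, as an added example that is not the module's own code. AppUser, IUserStore and AccountController are hypothetical names, and the IUserStore instance is assumed to come from your application's dependency-injection setup.

```csharp
using System.Web.Mvc;

// Hypothetical user record; replace with your application's own type.
public class AppUser
{
    public string Username { get; set; }
    public string Email { get; set; }
    public string Firstname { get; set; }
    public string Lastname { get; set; }
}

// Hypothetical credential check backed by your application database.
public interface IUserStore
{
    // Returns the stored user when the password is correct, otherwise null.
    AppUser ValidateCredentials(string username, string password);
}

public class AccountController : Controller
{
    private readonly IUserStore _users;
    public AccountController(IUserStore users) { _users = users; }

    [HttpPost, ValidateAntiForgeryToken]
    public ActionResult Login(string username, string password)
    {
        AppUser user = _users.ValidateCredentials(username, password);
        if (user == null)
        {
            // Failed login: leave the mapped session keys untouched.
            ModelState.AddModelError("", "Invalid username or password.");
            return View();
        }
        // Take every value from the server-side record, never from form fields,
        // because these keys are what the IdP plugin is mapped to send.
        HttpContext.Session["Username"] = user.Username;
        HttpContext.Session["Email"] = user.Email;
        HttpContext.Session["Firstname"] = user.Firstname;
        HttpContext.Session["Lastname"] = user.Lastname;
        return RedirectToAction("Index", "Home");
    }

    [HttpPost, ValidateAntiForgeryToken]
    public ActionResult Logout()
    {
        // Drop the identity so no stale values remain under the mapped keys.
        HttpContext.Session.Clear();
        HttpContext.Session.Abandon();
        return RedirectToAction("Login");
    }
}
```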


Need Help?

Not able to find your service provider? Mail us at aspnetsupport@xecurify.com and we'll help you set up SSO with your SP. For quick guidance (via email or meeting) on your requirement, our team will help you select the most suitable solution/plan.
