SAML Configuration
The SAML API uses SAML configuration for various settings including SAML provider names, X.509 certificates, endpoints and processing flags.
SAML configuration may be specified declaratively using XML or programmatically using the SAML configuration APIs.
Note
SAML configuration is distinct from SAML metadata.
SAML metadata is a standard format used to exchange configuration information between SAML providers. SAML configuration is the local configuration used by the application to implement SAML SSO.
SAML Configuration Options
The options for specifying SAML configuration are:
| Approach | When to Use | Key Benefits |
|---|---|---|
| XML configuration | - Configuration changes infrequently - Configuration can be stored in files - No database-backed configuration is required |
- Simplest approach - Familiar ASP.NET configuration model |
| Configuration API | - Configuration changes infrequently - Configuration is stored outside XML files - Configuration can be loaded at application startup |
- Full programmatic control - Suitable for startup-time initialization |
| ISAMLConfigurationResolver | - Configuration changes frequently - Configuration must be resolved dynamically per request or per tenant - Multi-tenant or SaaS scenarios |
- On-demand configuration resolution - Avoids application restarts when configuration changes |
Each approach is valid and, if required, switching between them is relatively straightforward.
If you are unsure which approach to take, we generally recommend XML configuration unless database-backed or dynamically resolved configuration is required.