
SAML Configuration API

SAML configuration may be supplied programmatically through the configuration API.

This approach is typically used when configuration is loaded from a database or other external source at application startup.

SAML configuration is accessed through the SAMLController.Configuration property.

Local Service Provider Example

The following is an example of setting the service provider configuration.

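In practice, these values are typically retrieved from a database or other external configuration store rather than being hard-coded. This applies in particular to the certificate file password, which should be kept in a protected store and not in source code.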

/// <summary>
/// Builds a SAML configuration containing a local service provider and one
/// partner identity provider, then assigns it to
/// <c>SAMLController.Configuration</c>.
/// </summary>
/// <remarks>
/// Every literal below is a sample value. The certificate file password is a
/// placeholder; a real deployment should read it from a protected
/// configuration store instead of embedding it in source.
/// </remarks>
public static void ConfigureSAML()
{
    var samlConfiguration = new SAMLConfiguration();

    // Local certificate: a .pfx file that is opened with the supplied password.
    var localCertificate = new CertificateConfiguration();
    localCertificate.FileName = @"certificates\sp.pfx";
    // Sample password only; do not commit a real certificate password.
    localCertificate.Password = "password";

    var localServiceProvider = new LocalServiceProviderConfiguration();
    localServiceProvider.Name = "https://ExampleServiceProvider";
    localServiceProvider.AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx";
    localServiceProvider.LocalCertificates = new List<CertificateConfiguration> { localCertificate };

    samlConfiguration.LocalServiceProviderConfiguration = localServiceProvider;

    // Partner certificate: a .cer file, so no password is configured for it.
    // NOTE(review): presumably the identity provider's public certificate; confirm
    // it was obtained from the partner over a trusted channel.
    var partnerCertificate = new CertificateConfiguration();
    partnerCertificate.FileName = @"certificates\idp.cer";

    var partnerIdentityProvider = new PartnerIdentityProviderConfiguration();
    partnerIdentityProvider.Name = "https://ExampleIdentityProvider";
    partnerIdentityProvider.SingleSignOnServiceUrl = "https://localhost:44390/SAML/SSOService.aspx";
    partnerIdentityProvider.SingleLogoutServiceUrl = "https://localhost:44390/SAML/SLOService.aspx";
    partnerIdentityProvider.PartnerCertificates = new List<CertificateConfiguration> { partnerCertificate };

    samlConfiguration.AddPartnerIdentityProvider(partnerIdentityProvider);

    // Replaces the configuration object exposed by SAMLController.
    SAMLController.Configuration = samlConfiguration;
}

Local Identity Provider Example

The following is an example of setting the identity provider configuration.

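In practice, these values are typically retrieved from a database or other external configuration store rather than being hard-coded. This applies in particular to the certificate file password, which should be kept in a protected store and not in source code.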

/// <summary>
/// Builds a SAML configuration containing a local identity provider and one
/// partner service provider, then assigns it to
/// <c>SAMLController.Configuration</c>.
/// </summary>
/// <remarks>
/// Every literal below is a sample value. The certificate file password is a
/// placeholder; a real deployment should read it from a protected
/// configuration store instead of embedding it in source.
/// </remarks>
public static void ConfigureSAML()
{
    var samlConfiguration = new SAMLConfiguration();

    // Local certificate: a .pfx file that is opened with the supplied password.
    var localCertificate = new CertificateConfiguration();
    localCertificate.FileName = @"certificates\idp.pfx";
    // Sample password only; do not commit a real certificate password.
    localCertificate.Password = "password";

    var localIdentityProvider = new LocalIdentityProviderConfiguration();
    localIdentityProvider.Name = "https://ExampleIdentityProvider";
    localIdentityProvider.LocalCertificates = new List<CertificateConfiguration> { localCertificate };

    samlConfiguration.LocalIdentityProviderConfiguration = localIdentityProvider;

    // Partner certificate: a .cer file, so no password is configured for it.
    // NOTE(review): presumably the service provider's public certificate; confirm
    // it was obtained from the partner over a trusted channel.
    var partnerCertificate = new CertificateConfiguration();
    partnerCertificate.FileName = @"certificates\sp.cer";

    var partnerServiceProvider = new PartnerServiceProviderConfiguration();
    partnerServiceProvider.Name = "https://ExampleServiceProvider";
    partnerServiceProvider.AssertionConsumerServiceUrl = "https://localhost:44338/SAML/AssertionConsumerService.aspx";
    partnerServiceProvider.SingleLogoutServiceUrl = "https://localhost:44338/SAML/SLOService.aspx";
    partnerServiceProvider.PartnerCertificates = new List<CertificateConfiguration> { partnerCertificate };

    samlConfiguration.AddPartnerServiceProvider(partnerServiceProvider);

    // Replaces the configuration object exposed by SAMLController.
    SAMLController.Configuration = samlConfiguration;
}

Updating SAML Configuration

Updating the SAML configuration through the configuration API is intended for infrequent changes. For scenarios requiring frequent or per-request configuration changes, ISAMLConfigurationResolver should be used instead.