How can I provide the username/email to the identity provider to be pre-filled in the IdP’s username box?

Question

I am using itfoxtec-identity-saml2 library to integrate with OneLogin SSO, so How can I send the username/email to the identity provider to be pre-filled in the IdP’s username box? I know we can use the optional Subject/NameID field in the AuthnRequest message sent from the SP to the Idp to request a specific subject from the Idp. Have you guys done this using ITfoxtec SAML 2.0 MVC?

Anders Revsgaard · Accepted Answer · 2019-06-20T15:38:13.920

The currently ITfoxtec Identity SAML 2.0 version do not support the Authn Request Subject element with NameID.

The Subject with NameID is supported from version 3.1.0-beta1 https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/releases/tag/3.1.0-beta1. This beta version also adds support for Azure Key Vault.

Please let me know if the beta version works for you.

The selected NameID is added to the Subject on the Saml2AuthnRequest:

[Route("Login")]
public IActionResult Login(string returnUrl = null)
{
    var binding = new Saml2RedirectBinding();
    binding.SetRelayStateQuery(new Dictionary<string, string> { { relayStateReturnUrl, returnUrl ?? Url.Content("~/") } });

    return binding.Bind(new Saml2AuthnRequest(config)
    {
        Subject = new Subject { NameID = new NameID { ID = "abcd" } },
    }).ToActionResult();
}

* Update *

Version 4.0.0 is released supporting Subject with NameID.

How can I provide the username/email to the identity provider to be pre-filled in the IdP’s username box?

1 Answers1

Linked