
I have an application built with .NET Core. This application is very simple, but the problem is that I have to integrate a 2FA app (PingId) for double security instead of one simple login. I have been advised to use SAML to build the bridge between the Service Provider and the Identity Provider. I have found some solutions online, and one of them that is open source is itfoxtec.identity.saml2.

What I want to know is whether anyone can clarify how this works. I cannot understand some of the URLs in the appsettings.json file.

Here is a demo of this file:

https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2/blob/master/test/TestWebAppCore/appsettings.json

For example, is the IdPMetadata key an XML file that has to be provided by the Identity Provider administrator?

Is SigningCertificateFile a certificate generated by my Service Provider app, or is it something built into the application? If so, how do I generate it?

1 Answer

Yes, the identity provider (IdP) should expose a SAML 2.0 metadata endpoint; the URL is added in IdPMetadata.

The TestIdPCore sample is for testing the samples and to show how to implement a SAML 2.0 based IdP.

Your application (the relying party, RP) needs a certificate, which is, e.g., added as a file in SigningCertificateFile.

Anders Revsgaard
  • I have another question for you. Are .prx files (certificates) certificates of the SP (Service Provider) or of the IdP (Ping Federate)? I ask because I must generate metadata for the SP, and in the solutions I looked at, .prx files are required. Also, can I generate metadata without a .prx file, using only the metadata.xml that the IdP provided me? – Endri Liçkollari Apr 05 '22 at 09:38
  • You need to generate or buy a .prx certificate for the SP which contains both the public and private keys. Code to generate a certificate: https://github.com/ITfoxtec/FoxIDs.Samples/blob/master/src/AspNetCoreSamlSample/Startup.cs#L47 and https://github.com/ITfoxtec/FoxIDs.Samples/blob/68fa50844faeaa796ec2f70bd97def797a2eeeb6/src/FoxIDs.SampleHelperLibrary/TestCertificate.cs – Anders Revsgaard Apr 08 '22 at 10:21
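
The last comment says the SP needs a certificate that holds both the public and the private key. As an added example (not code from the answer or from the ITfoxtec samples), this C# program creates a self-signed SP certificate with the .NET `CertificateRequest` API, writes a password-protected PKCS#12 file for the SP and a public-only copy that can be shared with the IdP. The subject name, file names and the `SP_CERT_PASSWORD` environment variable are assumptions made for the example.

```csharp
// Added example: all names below are constructed, not taken from the ITfoxtec samples.
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class SpCertificate
{
    // Creates a self-signed RSA certificate and writes two files:
    //   pfxPath : PKCS#12 with certificate + private key (stays on the SP)
    //   cerPath : DER certificate, public key only (can be given to the IdP)
    public static X509Certificate2 Create(string subject, string pfxPath,
                                          string cerPath, string password)
    {
        using var rsa = RSA.Create(2048);
        var request = new CertificateRequest(
            new X500DistinguishedName($"CN={subject}"), rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

        // The SP signs SAML messages with this key, so restrict it to signatures.
        request.CertificateExtensions.Add(
            new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, true));

        var now = DateTimeOffset.UtcNow;
        using var cert = request.CreateSelfSigned(now.AddMinutes(-5), now.AddYears(1));

        File.WriteAllBytes(pfxPath, cert.Export(X509ContentType.Pfx, password));
        File.WriteAllBytes(cerPath, cert.Export(X509ContentType.Cert));

        // Reload from disk, the same way the application would at startup.
        return new X509Certificate2(pfxPath, password);
    }

    public static void Main()
    {
        // Fallback is a placeholder; supply the real password from a secret store.
        var password = Environment.GetEnvironmentVariable("SP_CERT_PASSWORD") ?? "change-me";
        using var sp = Create("my-sp.example", "sp-signing.pfx", "sp-signing.cer", password);
        using var publicOnly = new X509Certificate2("sp-signing.cer");

        Console.WriteLine($"Thumbprint:          {sp.Thumbprint}");
        Console.WriteLine($"PFX has private key: {sp.HasPrivateKey}");
        Console.WriteLine($"CER has private key: {publicOnly.HasPrivateKey}");
        Console.WriteLine($"Same certificate:    {sp.Thumbprint == publicOnly.Thumbprint}");
    }
}
```

Keep the PKCS#12 file and its password out of source control; only the public-only file is meant to leave the SP.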