The Rock Solid Knowledge SAML SP component supports overriding service provider configuration options per challenge request using SamlChallengeProperties.
The following options are overridable per request:
ForceAuthentication: Sets the ForceAuthn attribute on generated SAML requests, requesting that the IdP re-authenticate the user
AllowedIdPs: An advisory list of identity providers that are deemed acceptable to respond to the authentication request
Subject: Sets the optional "Subject" element in the SAML authentication request. You can find details about this property at Login Hints.
Usage
SamlChallengeProperties sets configuration options for an authentication session.
    // Override AllowedIdPs for this challenge only
    await HttpContext.ChallengeAsync("saml-idp", new SamlChallengeProperties
    {
        AllowedIdPs = new List<string>
        {
            "urn:OpenIddict",
            "https://local.idp"
        }
    });
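Because AllowedIdPs is advisory and ForceAuthentication is only a request to the IdP, the service provider can confirm on the response side that both were honoured. The following is an added example, not code from Rock Solid Knowledge or its component: `SamlResponsePolicy` and `Check` are hypothetical names, the sample assertion is constructed, and it assumes you have access to the assertion XML after the component has validated its signature.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Xml.Linq;

static class SamlResponsePolicy // hypothetical helper, not part of the component
{
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Returns policy violations for an assertion whose signature is already validated.
    public static List<string> Check(XElement assertion, ISet<string> allowedIdPs,
                                     TimeSpan maxAuthAge, DateTimeOffset now)
    {
        var problems = new List<string>();

        // AllowedIdPs is advisory on the request, so enforce it on the response issuer.
        var issuer = assertion.Element(Saml + "Issuer")?.Value.Trim();
        if (issuer == null || !allowedIdPs.Contains(issuer))
            problems.Add($"issuer '{issuer}' is not in the allowed list");

        // ForceAuthn is a request; AuthnInstant shows whether the IdP re-authenticated.
        var instants = assertion.Elements(Saml + "AuthnStatement")
                                .Select(s => (string)s.Attribute("AuthnInstant")).ToList();
        if (instants.Count == 0)
            problems.Add("no AuthnStatement present");
        foreach (var raw in instants)
        {
            if (!DateTimeOffset.TryParse(raw, CultureInfo.InvariantCulture,
                    DateTimeStyles.AssumeUniversal, out var instant))
                problems.Add($"unparseable AuthnInstant '{raw}'");
            else if (now - instant > maxAuthAge)
                problems.Add($"authentication at {instant:u} is older than {maxAuthAge}");
        }
        return problems;
    }
    static void Main()
    {
        // Constructed sample assertion (signature omitted); issuer is not on the allowed list.
        var assertion = XElement.Parse(
            @"<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>
                <saml:Issuer>https://other.idp</saml:Issuer>
                <saml:AuthnStatement AuthnInstant='2024-01-01T08:00:00Z'/>
              </saml:Assertion>");
        var allowed = new HashSet<string>(StringComparer.Ordinal) { "urn:OpenIddict", "https://local.idp" };
        var now = DateTimeOffset.Parse("2024-01-01T12:00:00Z", CultureInfo.InvariantCulture);
        foreach (var p in Check(assertion, allowed, TimeSpan.FromMinutes(5), now))
            Console.WriteLine(p);
    }
}
```

The entity IDs are compared with an ordinal, case-sensitive match so that a near-identical issuer string does not pass the allow-list check.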