Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
class Duende.IdentityServer.Saml.Configuration.SamlServiceProviderOptions
Assembly: Duende.IdentityServer
Inheritance: object → SamlServiceProviderOptions
Configuration options for a standalone SAML 2.0 Service Provider authentication scheme, registered via the AddSamlServiceProvider extension methods on AuthenticationBuilder.
Properties
public
string
SpEntityId
The entity ID of this Service Provider. Required.
public
string
ModulePath
The module path that the Saml2 handler intercepts for ACS and metadata
callbacks. Defaults to <c>/Saml2</c> .
public
string
SignInScheme
Authentication scheme to sign in with to establish a session after SAML
authentication completes. When <c>null</c> , the default sign-in scheme
is used.
public
string
SignOutScheme
Authentication scheme to sign out with when a logout request is received
from the identity provider. When <c>null</c> , the default sign-out scheme
is used.
public
string
OutboundSigningAlgorithm
The signing algorithm to use for outbound SAML requests. Defaults to
<c>http://www.w3.org/2001/04/xmldsig-more#rsa-sha256</c> .
public
bool
WantAssertionsSigned
Whether assertions from the identity provider must be signed. Defaults to
<c>true</c> .
public
string
IdpEntityId
The entity ID of the remote SAML identity provider. Required.
public
string
SingleSignOnServiceUrl
The URL of the Single Sign-On service on the remote identity provider.
public
string
SingleLogoutServiceUrl
The URL of the Single Logout service on the remote identity provider.
When not set, outbound logout requests are disabled.
public
System.Collections.Generic.IList<string>
SigningCertificatesBase64
Base64-encoded X.509 certificates used to validate signatures from the
remote identity provider. Multiple certificates can be provided to
support key rotation.
public
SamlBindingType
BindingType
The SAML binding type to use when sending authentication requests.
Defaults to <see cref="F:Duende.IdentityServer.Saml.Configuration.SamlBindingType.HttpRedirect" /> .
public
bool
AllowUnsolicitedAuthnResponse
Whether to allow unsolicited (IdP-initiated) authentication responses.
Defaults to <c>false</c> .
public
string
SpSigningCertificateBase64
Base64-encoded X.509 certificate (with private key, PKCS#12) used by the SP to sign
outbound SAML messages (AuthnRequests, LogoutResponses). Required when the remote
IdP expects signed requests or when single logout is used.
public
string
SpSigningCertificatePassword
Optional password for the PKCS#12 SP signing certificate.
Methods
public
bool
Equals(object obj)
Inherited from object
protected
void
Finalize()
Inherited from object
public
int
GetHashCode()
Inherited from object
protected
object
MemberwiseClone()
Inherited from object
public
string
ToString()
Inherited from object