The services.AddAuthentication().AddSaml… call enables the SAML authentication handler. This is demonstrated by our MiddlewareServiceProvider. As an alternative, you don’t have to use middleware but instead can call our SAML API as demonstrated by our ExampleServiceProvider.
The two approaches are documented in our Developer Guide and Examples Guide PDFs that you’ll find in the documentation folder.
If you use the middleware approach, the SAML authentication handler will automatically login the user when the SAML response is received. It does this by calling HttpContext.SignInAsync. The first parameter to this call is the sign-in scheme to use which may be specified using the SamlAuthenticationOptions.SignInScheme property. The default scheme is “Identity.External”.
For cookie authentication, you should set this option to CookieAuthenticationDefaults.AuthenticationScheme.
I’m not sure if you’ve seen this but the following article describes cookie authentication. https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-2.2
The difference though is that the SAML authentication handler is making the call to HttpContext.SignInAsync rather than your application.
If you use the API approach instead, you would make the HttpContext.SignInAsync call directly in your code.