I suggest taking a look at our SAML Primer to understand the flow. https://www.componentspace.com/Forums/8237/SAML-v20-PrimerI want to make sure you understand that all messages between the identity provider (IdP) and service provider (SP) sites are sent via the browser. There's no direct communication (eg REST APIs) between the two sites. Your backend application would act as the SP and ADFS would act as the IdP. Please note that in SAML SSO, the SP never sends the IdP the user's password. ADFS will prompt for the user's name and password. What you're trying to do is certainly possible and we have customers successfully doing this. However, if you don't have to use SAML to authenticate to ADFS, you might want to consider using OAuth or OIDC. These protocols are available in the latest release of ADFS.
Regards ComponentSpace Development
|