We have a multi-tenant application that uses service-provider-initiated SAML authentication. There are multiple
SAML identity providers, potentially a different one for each tenant. The URL that initially invokes the application
provides the tenant id as a url query parameter. We use that id to lookup the identity provider information, and
initiate the SAML flow.
We need to retain the tenant id between the initial entry to the app, and the entry that results from the POST request
that contains the SAML assertion. We have been keeping this information in an ASP.Net cookie, but this is unsatisfactory
for security reasons, and due to the recent browser changes involving "samesite". Does the ComponentSpace library provide
a better means of retaining this information? Perhaps in its own session state - can we add into that?