ComponentSpace

Forums



Multiple Assertion consumer url


Multiple Assertion consumer url

Author
Message
jbhandal
jbhandal
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Awaiting Activation
Posts: 2, Visits: 32
Hello,
I read in a few forums that you provide the overload for SAMLServiceProvider.InitiateSSO(response, relayState, idp.Name, null, "ACS", null) where people need to use multiple ACSs.
However, I tired this with a few IDPs like ADFS ,okta and keycloak and I run in errors. I have to do something extra in the idp configuration to get it to work.

Is there something i am missing or i can do differently?
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Some IdPs check the ACS URL included in the SAML authn request against those listed for the SP at the IdP.

For example, with ADFS ensure the ACS URL is included in the relying party configuration.

Most SSO issues are related to configuration mismatches. If you're still seeing errors, you'll need to get the details from the IdP.

Regards
ComponentSpace Development
jbhandal
jbhandal
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Awaiting Activation
Posts: 2, Visits: 32
ComponentSpace - 4/21/2020
Some IdPs check the ACS URL included in the SAML authn request against those listed for the SP at the IdP.

For example, with ADFS ensure the ACS URL is included in the relying party configuration.

Most SSO issues are related to configuration mismatches. If you're still seeing errors, you'll need to get the details from the IdP.

Ya, that the issue, that i have to do extra stuff on the idp to make this overload method work.

Is there a way we can send multiple acs in the sp metadata to the IDP?
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Yes, multiple ACS URLs are supported by the SAML specification. We support this through our low-level API but currently it's not supported through our high-level API for constructing SAML metadata.

If you have SAML metadata already with a single ACS, you can simply edit the XML directly to add more ACS URLs.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search