sav931
Reputation: 73
Kentor Identify Identity Provider After Acs ReturnUrl
I Have multiple identity providers defined to work with my AuthServices, Each of them send a SamlResponse to my AssertionService as is supposed to then redirect to my RedirectUrl like "ExternalLoginCallback" that is defined in Sustainsys.Saml2.StubIdp example. I have no way to know witch of Identity provider returned the externalIdentity, I have to check that the current user belongs this idp.
I hope I don't have to force them to send a special claim with there Idp Id or something like that.
Does it exist a way to pass the entityId between Acs to my callback action ?
thanks
Upvotes: 0
Views: 294
Answers (1)
sav931
Reputation: 73
Ok I found the answer...
I extract idp id from Claim Issuer like this :
var externalIdentity = context.Authentication.GetExternalIdentity(ExternalCookie.Name);
var idp = externalIdentity.FindFirst(AuthServicesClaimTypes.LogoutNameIdentifier)?.Issuer;
Upvotes: 1
Related Questions
- Kentor/Sustainsys redirects back to SP after receiving LogoutResponse from IDP
- How to set acr-values for Sustainsys external provider in identity server 3
- Kentor AuthServices/Owin - handling the response from the identity provider
- Kentor/Owin/Azure AD Authentication
- Kentor AuthServices: ClaimTypeNamespace for SessionIndex and LogoutNameIdentifier
- Kentor AuthService - Redirect to IDP from Browser URL
- Kentor Auth services SAML 2.0 -Service certificate
- Kentor Auth Services - Additional Claim
- Kentor AuthService - Read Subject NameID
- How to use Kentor AuthService to get additional assertion attributes