SAML with oauth in web api

Question

0.00/5 (No votes)

See more:

Hi Every one

I am developing the web api project in that i implemented the OAuth Security but now the client want saml with oauth so i don't have an idea how to implement saml i searched lot of sites but i did not get the idea of code. and also how to configure IDP and SP with our app please give the example step by step how to implement it.

What I have tried:

i have tried the code in lot of sites and the tools which are mentioned on that sites.
also tried the code project example but i don't know the configuration of IDP An SP
with service please any one can help me to come out from this one

Posted 19-Dec-16 22:20pm

Member 12376348

Updated 19-Dec-16 23:15pm

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Afzaal Ahmad Zeeshan · Answer 1 · 2016-12-19T23:15:00

SAML is just a standard, it entirely is in your hands to implement it, you can use any way to do so. What you need to use in this case is email address of the user, instead of your application ID and a secret token. You will have a mechanism to communicate between two or more organizations based on a self-defined handshake. In OAuth you used the application, and then asked user to authenticate the application, but here you are doing opposite — you want to create and share user information. The complete idea is explained fairly in the Use section of SAML[^].

Also read, authentication - SAML vs federated login with OAuth - Stack Overflow[^]

Since you are talking about ASP.NET Web API, just use ASP.NET Identity, it has most of the features already introduced in it. You can also integrate it with Active Directory for organization's internal usage.