[英]How to sign request with Kentor SAML2 Token
If I want to call some API (rest service) after SAML2 authentication, how can I send signed request with SAML2 token to that IdP API server? 如果要在SAML2身份验证后调用某些API(REST服务),如何将带有SAML2令牌的签名请求发送到该IdP API服务器?
For example I'm signed in, but I want some additional data from IdP. 例如,我已登录,但是我希望从IdP获得一些其他数据。 I guess I need to provide SAML2 token. 我想我需要提供SAML2令牌。
There is unfortunately no build in support in AuthServices for forwarding the received SAML2 assertion in a REST call. 不幸的是,AuthServices中没有内置支持可用于在REST调用中转发接收到的SAML2断言。
REST is usually handled by OAuth2/OpendID Connect instead of SAML2. REST通常由OAuth2 / OpendID Connect而非SAML2处理。 But if you are ready to do some coding yourself you could set the SaveBootstrapContext flag to true in the identity configuration (in web.config if you use that, in SpOptions.SystemIdentityModelIdentityConfiguration if you config in code). 但是,如果您准备自己进行一些编码,则可以在身份配置中将SaveBootstrapContext标志设置为true(如果使用,则在web.config中;如果在代码中进行配置,则在SpOptions.SystemIdentityModelIdentityConfiguration中)。 That will preserve the assertion on the generated identity. 这将保留对所生成身份的断言。 Then you can pick that upp and use it in your REST calls. 然后,您可以选择该upp并在REST调用中使用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.