ComponentSpace

Forums



How to authenticate and consume a secure api using SAML with Mutual TLS exchange


How to authenticate and consume a secure api using SAML with Mutual...

Author
Message
naba
naba
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Awaiting Activation
Posts: 2, Visits: 13
I am trying to consume a secure api, after authenticating using SAML with mutual TLS exchange. 
Is there a sample using component space to achieve the same? Thanks
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Do you mean you're using SAML for SSO or is the SAML assertion a security token that's part of the secure API?

Or is the mutual TLS exchange used to secure the API?

Could you elaborate on how SAML is involved with your secure API?

Thanks.

Regards
ComponentSpace Development
naba
naba
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Awaiting Activation
Posts: 2, Visits: 13

Sorry for not being clear, I think I am trying to break it down myself.

We are trying to SSO to one of our partners website from our ASP.NET website
Partner site uses, SAML authentication via API service and  Mutual TLS authentication on https to make connection extra secure

I was wondering if I can do this with component space. Thanks. 
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Do you know what they mean specifically by an API service?

SAML SSO is a browser based protocol with SAML messages typically sent via the browser. It's not an API service where the service provider (SP) site makes a web or REST API call to the identity provider (IdP) site.

If you were making an API call it would make sense to support mutual TLS authentication. However, for SAML SSO I'm not sure it does. For most SAML flows there's no direct connection between the SP and IdP. HTTP connections are between the browser and the IdP or SP.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search