Thanks for response,
This is pretty much the same conclusion we've come to today as well, so thanks for confirming that! Very reassuring for us at this early stage.
As you suggested, we've already been using _samlIdentityProvider.InitiateSsoAsync
to make a call to a 3rd party SP who have set up a test account for us. We're definitely get passed all the steps locally our end to prep the assertion, do all the signing/encrypting, and posting the assertion, but we're failing to log in. Without another external SP to test with at the moment, we can't tell if this is an issue with them or us, so I guess we'll look at some other SPs we can test with tomorrow. Any suggestions greatly welcomed.
One comment we have picked up that our current SP has mentioned is that they don't support SP initiated SAML, seems they only want the assertion/SAML Response. Does this change any of the configuration or calls we make our end in a standard IdP Initiated SSO type project?