Our recommendation is to use the SAML high-level API wherever possible as it's much easier to use.
The authn request URL includes the SAML authn request as the SAMLRequest query string parameter. In other words, it's using the HTTP-Redirect rather than the HTTP-Post binding.
IdentityProvider.ReceiveAuthnRequestByHTTPPost expects the SAML authn request to be sent using HTTP-Post and throws the exception you see if this isn't the case.
You should call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.
If you were to use the SAML high-level API, SAMLIdentityProvider.ReceiveSSO automatically handles receiving the SAML authn request using either HTTP-Post or HTTP-Redirect.
Regards ComponentSpace Development
|