SAML v2.0 for ASP.NET

Fully Compliant with the SAML v2.0 Specification

The SAML v2.0 component for ASP.NET is fully compliant with the OASIS Security Assertion Markup Language v2.0 specification.

It’s been tested successfully against Google Apps, Salesforce, Office 365, ADFS, Azure AD, Shibboleth and many more SAML offerings for interoperability.

Thousands of our clients have been using our award winning components in production systems throughout the world for many years.

SAML v2.0
SAML Profiles

All SAML v2.0 profiles are fully supported, acting as either the identity provider or service provider.

  • Web browser single sign-on (identity provider and service provider initiated)
  • Single logout
  • Artifact resolution
  • Identity provider discovery
  • Authentication, attribute and assertion query
  • Name identifier management and mapping
SAML Protocols

All SAML v2.0 protocols are fully supported.

  • Create, modify and access SAML protocol messages
  • Serialize SAML messages to and from XML
  • Generate and verify XML signatures (SHA-1 and SHA-256) on SAML messages
SAML Bindings

All SAML v2.0 bindings are fully supported.

  • HTTP Redirect
  • HTTP Artifact
  • SOAP
  • PAOS
SAML Assertions

SAML v2.0 assertions are fully supported.

  • Create, modify and access SAML assertions
  • Serialize SAML assertions to and from XML
  • Generate and verify XML signatures (SHA-1 and SHA-256) on SAML assertions
  • Encrypt and decrypt SAML assertions, attributes and identifiers
SAML Metadata

SAML v2.0 metadata is fully supported.

  • Create, modify and access all SAML metadata
  • Serialize to and from XML
  • Generate and verify XML signatures (SHA-1 and SHA-256) on SAML metadata
Platform Support

The SAML component supports all the .NET framework versions from v2.0 and above. This includes support for Visual Studio 2008, 2010, 2012, 2013, 2015 and 2017. Both 32-bit and 64-bit versions of Windows Server 2008, 2012, 2016, as well as Windows 7, 8 and 10, are supported.

High-Level API

A high-level, configuration-driven API provides a very simple to use interface that hides the mechanics of SAML SSO. This makes it easy to add SSO functionality to your web application with just a few lines of code. Configuration changes, including adding support for additional partner identity providers or service providers, may be made with zero code changes.

Low-Level API

A low-level API provides complete control and flexibility. The API provides accesses to the SAML profiles, protocols, bindings, assertions and metadata. The high-level API is implemented using the low-level API. For most scenarios, the high-level API provides all the control you need in a simpler interface. For those situations where this isn’t enough, the low-level API is available.

Example Projects

Example ASP.NET projects, with full source code, are included. The examples demonstrate:

  • Acting as the identity provider (IdP)
  • Acting as the service provider (SP)
  • Identity provider initiated SSO
  • Service provider initiated SSO
  • Setting and retrieving SAML attributes
  • Logout
  • SAML metadata creation and consumption
  • OWIN ASP.NET Identity integration

ASP.NET example projects are included demonstrating integration with:

Source Code

For your assurance and convenience, the complete source code for the component is available for purchase.


For consulting and implementation inquires, contact us at