+xThanks for the log. It shows a SAML response being sent by your IdP using the HTTP Post SAML binding. SAML SSO is a browser based protocol. What this means is that the HTTP Post binding results in an HTML form containing the encoded SAML response as well as some JavaScript being returned in the HTTP response. The browser should execute the JavaScript which automatically submits this form. The result is an HTTP Post of the SAML response to the SP's assertion consumer service. I think the issue is that you're performing this in the context of an API controller. Even if the HTML form and JavaScript is returned successfully in the HTTP response, the caller of your API method would have to handle this correctly. It's much easier to let the browser handle the SAML SSO flow and not initiate SSO from within the content of a web API call. The same applies at the SP side as well. I suggest using the browser developer tools (F12) to take a look at the network traffic to see what I mean. Thanks for the response. I have converted my webapi to mvc controllers. now in the browser dev tools i receive the following error the error message: <html> <body> <noscript> <p> Since your browser doesn't support JavaScript, you must press the Continue button to proceed. </p> </noscript> <form id="samlform" action=".......DART/SAML/AssertionConsumerService" method="post" target="_self"> <div> <input type="hidden" name="SAMLResponse" value="............." </div> <noscript> <div> <input type="submit" value="Continue"/> </div> </noscript> </form> </body> <script> function submitForm() { document.forms.samlform.submit(); } if (document.readyState === "loading") { document.addEventListener("DOMContentLoaded", submitForm); } else { submitForm(); } </script> </html>
|