ASP.Net core

Authenticate an Azure AD user with SAML for ASP.NET Core

The other day I needed a test application to try something with SAML support in Azure Active Directory. I started looking how to configure an ASP.NET Core webapplication to support SAML. It’s very easy to set it up for OIDC authentication but I found out ASP.Net (core) doesn’t support SAML out of the box. Google to the rescue and ignoring the blogpost from my colleague Christos (he’s wrong, it’s WS-Fed not SAML he’s using in his blogpost) , I found a few 3rd parties who build support for ASP.

Configure Domain_hint in core

This took me way to much time to figure out since there is a ton of old information on the internet. I wanted to change the default behavior when people are logging in to my ASP.NET Core website using Azure Active Directory (or Microsoft Identity Platform). After some searching I figured out how to change this setting. You have to add the following piece of code to the ConfigureService method in your Startup.