I am using ITfoxtec.Identity.Saml2.Mvc version 4.7.1, .Net Framework version 4.7.2, and Duo Security for my IDp.
I've already tried this solution. When I use this example, it returns a Saml2AuthnResponse with a status of Responder
.
I have also tried adding Format
to the NameID
as shown below. I have confirmed that the format matches the setting in Duo Security.
var config = new Saml2AuthnRequest(IdentityConfig.Saml2Configuration)
{
Subject = new Subject { NameID = new NameID { ID = form.EmailAddress,
Format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" } }
};
And tried added it this way:
var config = new Saml2AuthnRequest(IdentityConfig.Saml2Configuration)
{
NameId = new Saml2NameIdentifier(form.EmailAddress),
};
Which does return a success status but it then redirects to a page to enter the email address. I am wanting it to go straight to the password input page.
Your code looks correct:
You are getting the Responder status from Duo Security, which means they have experienced an error. I think you need to ask Duo Security what error they are experiencing and what they support.