Tags: postman, identityserver3, kentor-authservices

IdentityServer multi IDP configuration request


How do I create a request that uses the Saml or Google IDP for authorization? My understanding is that if I put "acr_values=idp:Google" in my request then the request will be routed through my Google Idp path. Likewise if I put "acr_values=idp:saml2p" it should go through my Saml Idp. Is it a different path? Right now the request goes to localhost:98575/connect/token.

Here is my current Request:

POST /connect/token HTTP/1.1
Host: localhost:98575
Authorization: Basic  SomethingEncrypted
Cache-Control: no-cache
Postman-Token: AGuid
Content-Type: application/x-www-form-urlencoded

grant_type=password&scope=customScope+openid+offline_access&[email protected]&password=SomePassword&acr_values=idp:Google

Here is a snippet from my IdentityServer Startup.cs file:

using Kentor.AuthServices;
using Kentor.AuthServices.Configuration;
using Kentor.AuthServices.Owin;
using Microsoft.Owin.Security.Google;
using Owin;
using System.IdentityModel.Metadata;

public static void ConfigureIdentityProviders(IAppBuilder app, string signInAsType)
{
    // SAML2p external provider via Kentor.AuthServices.
    // AuthenticationType is the name IdentityServer matches against "acr_values=idp:saml2p".
    var authServicesOptions = new KentorAuthServicesAuthenticationOptions(false)
    {
        SPOptions = new SPOptions
        {
            EntityId = new EntityId("http://sp.example.com")
        },

        SignInAsAuthenticationType = signInAsType,
        AuthenticationType = "saml2p",
        Caption = "SAML2p",
    };

    // Register the IdP; LoadMetadata pulls its endpoints and signing certificate from the metadata URL.
    authServicesOptions.IdentityProviders.Add(new IdentityProvider(
        new EntityId("http://stubidp.kentor.se/Metadata"),
        authServicesOptions.SPOptions)
    {
        LoadMetadata = true,
    });

    app.UseKentorAuthServicesAuthentication(authServicesOptions);

    // Google external provider; AuthenticationType "Google" is what "acr_values=idp:Google" refers to.
    var google = new GoogleOAuth2AuthenticationOptions
    {
        AuthenticationType = "Google",
        Caption = "Google",
        SignInAsAuthenticationType = signInAsType,

        ClientId = "767400843187-8boio83mb57ruogr9af9ut09fkg56b27.apps.googleusercontent.com",
        ClientSecret = "5fWcBT0udKY7_b6E3gEiJlze"
    };
    app.UseGoogleAuthentication(google);
}

Solution

  • The acr_values with "idp:foo" is only used for the authorization endpoint, not the token endpoint. IOW, it's only used to automatically redirect the user in the browser to the indicated external identity provider.
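An added example, not part of the answer above and not IdentityServer's own code, showing the point in Python: the idp hint is carried by the browser-facing /connect/authorize request (built here with a state and nonce so the client can bind the response back to it), and a small parser reads the "idp:" token out of a space-separated acr_values list. The authority, client id and redirect URI are constructed placeholders.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed placeholders for this example (not values from the question).
AUTHORITY = "https://idsrv.example.test/core"
CLIENT_ID = "spa-client"
REDIRECT_URI = "https://app.example.test/callback"


def idp_hint(acr_values):
    """Return the provider named by an 'idp:<name>' token in a
    space-separated acr_values string, or None when there is no hint."""
    for token in (acr_values or "").split():
        if token.startswith("idp:"):
            return token[len("idp:"):] or None
    return None


def build_authorize_url(idp=None, scopes=("openid", "customScope"),
                        state=None, nonce=None):
    """Build the /connect/authorize request for the authorization-code flow.
    The idp hint belongs on this request, not on /connect/token; state and
    nonce are random so the client can verify the returned response."""
    state = state or secrets.token_urlsafe(16)
    nonce = nonce or secrets.token_urlsafe(16)
    params = {
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
        "scope": " ".join(scopes),
        "state": state,
        "nonce": nonce,
    }
    if idp:
        params["acr_values"] = "idp:" + idp
    return AUTHORITY + "/connect/authorize?" + urlencode(params), state, nonce


def requested_idp(url):
    """Read the idp hint back out of an authorize URL (what the server acts on)."""
    query = parse_qs(urlsplit(url).query)
    return idp_hint(query.get("acr_values", [""])[0])


if __name__ == "__main__":
    url, state, nonce = build_authorize_url(idp="saml2p")
    print(url)
    print("idp hint:", requested_idp(url))
```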