Azure AD B2C中的自定义SAML iDP是否支持iDP启动的SSO? [英] Is iDP initiated SSO supported with a custom SAML iDP in Azure AD B2C?

问题描述

我正在努力添加自定义SAML 2.0身份提供程序(Okta)以与我的B2C租户一起使用.我已经配置了它，当我从应用程序启动登录时，它工作得很好.但是，当我从身份提供者(Okta)启动登录时，它无法登录.我第一次尝试从B2C收到此错误:未指定第一步，或者第一步不是索赔交换".由于该错误，我从自定义策略中删除了多余的声明提供程序，因此ClaimsExchange是第一步，然后收到此错误，不支持指定的方法."

I am working on adding a custom SAML 2.0 identity provider (Okta) to use with my B2C tenant. I have configured it and it works great when I initiate the login from my application. However, when I initiate the login from the identity provider (Okta) it fails to login. The first attempt I received this error from B2C: "does not specify first step or the first step is not a claims exchange". As a result of this error, I removed the extra claims providers from the custom policy so the ClaimsExchange was the first journey step and then I received this error, "Specified method is not supported.".

是否支持此方案?如果是这样，需要对自定义策略进行哪些更改以支持它?

Is this scenario supported? If so, what changes to the custom policies need to be done to support it?

推荐答案

是，支持启动IdP，您可以在

Yes IdP initiated is supported, you can found information and documentation here https://github.com/azure-ad-b2c/saml-sp/tree/master/policy/SAML-Idp-Initiated

这篇关于Azure AD B2C中的自定义SAML iDP是否支持iDP启动的SSO?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！