Sep 11 2020 04:31 AM
Hi.
I was wondering if anyone knows whether Azure B2C could be configured as a service provider with SPID acting as the identity provider. SPID is the authentication system that allows citizens to access online services of the Italian public administration entities.
SPID is SAML based but needs some customizations of the SAML authentication request. Here are some details, unfortunately only in Italian: https://docs.italia.it/italia/spid/spid-regole-tecniche/it/stabile/single-sign-on.html
Basically, compared to standard SAML, the NameQualifier attribute is mandatory and it is necessary to include the <RequestedAuthnContext> tag. Here is an example:
<samlp:RequestedAuthnContext Comparison="minimum">
    <saml:AuthnContextClassRef>https://www.spid.gov.it/SpidL2</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
Thanks.
Jul 15 2021 12:28 AM
Dear @fabriziodinapoli,
The saml:AuthnContextClassRef can be included in the authentication request Azure AD B2C sends to the SPID identity provider. For more information, please see: Configure SAML identity provider options with Azure Active Directory B2C
Yoel
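Added example, not part of either post or of any Microsoft or SPID code: a Python check that an AuthnRequest produced by a service provider carries the two customizations named in the question (a NameQualifier attribute and a `<RequestedAuthnContext>` with a SPID level). It assumes NameQualifier is expected on `<saml:Issuer>`; the function name, the sample requests and the `sp.example.org` entity ID are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SPID_LEVEL_PREFIX = "https://www.spid.gov.it/SpidL"  # SpidL2 is the level in the post

def spid_request_problems(xml_text):
    """Return the list of missing SPID customizations (empty list = both present)."""
    # ElementTree is fine for requests you generated yourself; use a hardened
    # parser for XML received from elsewhere.
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}AuthnRequest" % NS["samlp"]:
        return ["root element is not samlp:AuthnRequest"]
    problems = []
    # Assumption: the mandatory NameQualifier is looked for on <saml:Issuer>.
    issuer = root.find("saml:Issuer", NS)
    if issuer is None:
        problems.append("missing saml:Issuer")
    elif not issuer.get("NameQualifier", "").strip():
        problems.append("saml:Issuer has no NameQualifier")
    rac = root.find("samlp:RequestedAuthnContext", NS)
    if rac is None:
        problems.append("missing samlp:RequestedAuthnContext")
    else:
        refs = [(r.text or "").strip()
                for r in rac.findall("saml:AuthnContextClassRef", NS)]
        if not any(ref.startswith(SPID_LEVEL_PREFIX) for ref in refs):
            problems.append("no SPID level in saml:AuthnContextClassRef")
    return problems

# Constructed sample requests (sp.example.org is a placeholder entity ID).
_TEMPLATE = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed" Version="2.0">'
    '<saml:Issuer{issuer_attrs}>https://sp.example.org</saml:Issuer>{context}'
    '</samlp:AuthnRequest>')
SPID_STYLE = _TEMPLATE.format(
    issuer_attrs=' NameQualifier="https://sp.example.org"',
    context='<samlp:RequestedAuthnContext Comparison="minimum">'
            '<saml:AuthnContextClassRef>https://www.spid.gov.it/SpidL2'
            '</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>')
PLAIN_SAML = _TEMPLATE.format(issuer_attrs="", context="")

if __name__ == "__main__":
    for name, doc in (("SPID-style", SPID_STYLE), ("plain SAML", PLAIN_SAML)):
        print(name, "->", spid_request_problems(doc) or "OK")
```

Running it against a request captured from your own test tenant shows whether the SAML identity provider options took effect before you submit the service provider for SPID validation.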