FirebaseAdmin.Auth.Providers.SamlProviderConfigArgs

Represents a SAML auth provider configuration.

Summary

See SAML technical overview.

Inheritance

Inherits from: FirebaseAdmin.Auth.Providers.AuthProviderConfigArgs< T >

Properties

CallbackUrl
string
Gets or sets the SAML callback URL.
IdpEntityId
string
Gets or sets the SAML IdP entity identifier.
RpEntityId
string
Gets or sets the SAML relying party (service provider) entity ID.
SsoUrl
string
Gets or sets the SAML IdP SSO URL.
X509Certificates
IEnumerable< string >
Gets or sets the collection of SAML IdP X.509 certificates issued by CA for this provider.

Properties

CallbackUrl

string CallbackUrl

Gets or sets the SAML callback URL.

This is fixed and must always be the same as the OAuth redirect URL provisioned by Firebase Auth, https://project-id.firebaseapp.com/__/auth/handler unless a custom authDomain is used. The callback URL should also be provided to the SAML IdP during configuration.

IdpEntityId

string IdpEntityId

Gets or sets the SAML IdP entity identifier.

RpEntityId

string RpEntityId

Gets or sets the SAML relying party (service provider) entity ID.

This is defined by the developer but needs to be provided to the SAML IdP.

SsoUrl

string SsoUrl

Gets or sets the SAML IdP SSO URL.

X509Certificates

IEnumerable< string > X509Certificates

Gets or sets the collection of SAML IdP X.509 certificates issued by CA for this provider.

Multiple certificates are accepted to prevent outages during IdP key rotation (for example ADFS rotates every 10 days). When the Auth server receives a SAML response, it will match the SAML response with the certificate on record. Otherwise the response is rejected. Developers are expected to manage the certificate updates as keys are rotated.