The Rock Solid Knowledge SAML SP component supports overriding service provider configuration options per challenge request using SamlChallengeProperties.
The following options are overridable per request:
ForceAuthentication: Sets theForceAuthnattribute on generated SAML requests, requesting that the IdP re-authenticate the userAllowedIdPs: An advisory list of identity providers that are deemed acceptable to respond to the authentication requestSubject: Sets the optional "Subject" element in the SAML authentication request. You can find details about this property at Login Hints.RequestedAuthenticationContext: Set the Requested Authentication Context element for the request.ChallengeBindingType: Set the BindingType used for the Saml Authn Request
Usage
The SamlChallengeProperties sets configuration options for an authentication session.
HttpContext.ChallengeAsync("saml-idp", new SamlChallengeProperties
{
AllowedIdPs = new List<string>
{
"urn:identityserver",
"https://local.idp"
}
});