Automatic Key Management | SAML2P Documentation

Our SAML Identity Provider uses the IdentityServer key store to extract the configured keys. When using the Automatic Key Management feature of Duende IdentityServer, be aware that our component requires the use of X509 certificates and RS256 keys.

services.AddIdentityServer(options =>
{
    options.KeyManagement.Enabled = true;
    options.KeyManagement.SigningAlgorithms = new []
    {
        new SigningAlgorithmOptions("RS256") 
        {
            UseX509Certificate = true
        }
    };
});

Previous Next