fusionauth-samlv2
ASP.NET SAML
fusionauth-samlv2 | ASP.NET SAML | |
---|---|---|
3 | 14 | |
5 | 339 | |
- | 0.3% | |
4.6 | 5.7 | |
2 months ago | 2 months ago | |
Java | C# | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
fusionauth-samlv2
-
php-saml VS fusionauth-samlv2 - a user suggested alternative
2 projects | 25 May 2023
This repository is SAML v2.0 bindings in Java using JAXB.
-
Supabase Auth: SSO, Mobile, and Server-Side Support
Disclosure, I work for FusionAuth, which can both integrate with and compete with Supabase.
Welcome, Supabase, to the world of SAML/SSO. It's a hairy one, but single sign-on is undifferentiated and really great for customers, so I'm glad you joined.
A few thoughts:
* Consider adding identity linking to your roadmap. I noticed[0] that you don't support it, and will create duplicate accounts if someone uses SSO with the same email address that an existing account has. As a model, FusionAuth offers seven linking strategies[1]. This flexibility lets you handle more use cases.
* I'd encourage you (and your customers) to test across as many SPs as you can. SAML is an 800+ page specification and even though we've been offering SAML for over 10 years and have open sourced our bindings[2], we still have edge cases that pop up.
* I'd love to add FusionAuth as a SAML SSO provider to your docs, so will put that on our team's doc roadmap and submit a PR. :)
* Not related to SAML, but I'm glad that you are working towards supporting PKCE. I hope you deprecate the implicit grant; the XSS threat is very real and the OAuth 2.1 spec (still in progress) basically deprecates that grant[3] throw omission. Also, we agree that setting cookies (HTTPOnly and secure, please) is a great way to store tokens[4] and that is worth requiring a server side component in applications.
Finally, I understand why this is part of a paid offering; SAML is often used to segment out enterprise customers with $$$. You like to make money, as do we all. But I'd encourage you to think about a free tier because it is so helpful to the user experience. Maybe 1 SAML connection could be part of the base offering?
0: https://supabase.com/docs/guides/platform/sso
1: https://fusionauth.io/docs/v1/tech/identity-providers/#linki...
2: https://github.com/FusionAuth/fusionauth-samlv2/commits/mast...
3: https://oauth.net/2.1/
4: https://fusionauth.io/learn/expert-advice/oauth/oauth-token-...
-
SAML Is Insecure by Design
We recommend OIDC, but support SAML because customers.
We implemented our own SAML processing library, too: https://github.com/FusionAuth/fusionauth-samlv2
(We pay for valid security bugs.)
ASP.NET SAML
-
Ask HN: Helpdesk/ticketing software for small SaaS company
I likeJitBit! Used it for a few years at my last role. https://www.jitbit.com/
- How to implement SAML in dotnet core?
- Finding the right ticketing/KB system
-
Ticketing system recommendations
We're very happy with Jitbit
- Self hosted/Docker for Inventory and Monitoring (spiceworks alternative)
- Whats your favorite ticketing system?
- What ticketing system do you guys use? (I did some research looking for more opinions)
-
What's your favorite service desk software?
I've heard JitBit is a good alternative to Jira.
-
Software Recommendations: Help Desk System / OS Deployment
I use JitBit for Helpdesk software. If you're looking for a simple helpdesk that's not crammed full of bells and whistles that you don't need, I would recommend it.
-
SSO via SAML 2.0 in ASP.NET core and Idp
I have to integrate SSO for an API. I found this lib for this purpose https://github.com/jitbit/AspNetSaml. So it looks pretty easy.
What are some alternatives?
saml-idp - Simple SAML Identity Provider (IdP)
ASP.NET Identity
shib-sp - Containerized Shibboleth SP
DotNetOpenAuth
mundane - Mundane is a Rust cryptography library backed by BoringSSL that is difficult to misuse, ergonomic, and performant (in that order).
TwoFactorAuth.Net - .Net library for Two Factor Authentication (TFA / 2FA)
create-t3-turbo - Clean and simple starter repo using the T3 Stack along with Expo React Native and Supabase
GLPI - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.
schemainspect - Schema inspection for PostgreSQL (and potentially others).
CodeNode.Identity - An easy implementation for Identity framework for .net applications
Logibit Hawk - A F# Hawk implementation with a strongly typed API that guides your usage and minimises security programming errors.
PwdLess