What should go into the "Issuer" field?
chtenb opened this issue · comments
chtenb commented
In the sample code when creating a authentication request, the issuer is set to the application URL.
var request = new AuthRequest(
"http://www.myapp.com", //TODO: put your app's "unique ID" here
"http://www.myapp.com/SamlConsume" //TODO: put Assertion Consumer URL (where the provider should redirect users after authenticating)
);
I've noticed that when I leave this empty, everything seems to "just work". What is the purpose of this field?
Alexander Yumashev commented
It's an informational field that defines your app uniquely. It might work, but it makes it hard to look through the logs afterwards.
chtenb commented
Thanks!
chtenb commented
This is also commonly referred to as "entity ID", correct?
Alexander Yumashev commented
Yes, correct. We should probably rename that field to remove confusion