
Program Flow at the Asserting Party

With Federation Manager at the asserting party, a .NET application can provide Federation Manager with user identity information. Program flow with Federation Manager at the asserting party proceeds as follows:

  1. The .NET application calls the .NET SDK to generate an open format cookie with identity information.
  2. The .NET SDK returns an encrypted cookie. The key used to encrypt the cookie is derived from a shared secret, which is communicated between Federation Manager and the application out of band.
  3. The .NET application sends the cookie to Federation Manager at the asserting party.
  4. Federation Manager receives and decrypts the cookie.
  5. Federation Manager extracts user identity information from the cookie.
  6. Optionally, Federation Manager can modify the cookie by updating or adding attributes.
  7. Federation Manager inserts the user identity information into a SAML Assertion.
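
The cookie round trip in steps 1 through 5, as an added C# sketch that is not the .NET SDK's code and does not reproduce the open format cookie layout. It assumes .NET 8, with PBKDF2 and AES-GCM as stand-ins for the SDK's key derivation and encryption; `CookieSketch`, `Seal`, `Open` and all sample values are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
// Added sketch: hypothetical names and layout, not the SDK API or the real cookie format.
static class CookieSketch
{
    const int SaltLen = 16, NonceLen = 12, TagLen = 16, Iterations = 210_000; // assumed values
    // Both sides derive the same key from the shared secret and the salt in the cookie.
    static byte[] DeriveKey(string secret, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(secret, salt, Iterations, HashAlgorithmName.SHA256, 32);

    // Steps 1-2, application side: Base64(salt || nonce || tag || ciphertext).
    public static string Seal(string secret, string identity)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen);
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceLen);
        byte[] plain = Encoding.UTF8.GetBytes(identity);
        byte[] cipher = new byte[plain.Length], tag = new byte[TagLen];
        using var aes = new AesGcm(DeriveKey(secret, salt), TagLen);
        aes.Encrypt(nonce, plain, cipher, tag);
        return Convert.ToBase64String(salt.Concat(nonce).Concat(tag).Concat(cipher).ToArray());
    }

    // Steps 4-5, asserting party side: decrypt and authenticate before using any attribute.
    public static string Open(string secret, string cookie)
    {
        byte[] blob = Convert.FromBase64String(cookie);
        int head = SaltLen + NonceLen + TagLen;
        if (blob.Length < head) throw new CryptographicException("cookie too short");
        byte[] salt = blob[..SaltLen], nonce = blob[SaltLen..(SaltLen + NonceLen)];
        byte[] tag = blob[(SaltLen + NonceLen)..head], cipher = blob[head..];
        byte[] plain = new byte[cipher.Length];
        using var aes = new AesGcm(DeriveKey(secret, salt), TagLen);
        aes.Decrypt(nonce, cipher, tag, plain); // throws on a wrong key or altered bytes
        return Encoding.UTF8.GetString(plain);
    }

    static void Main()
    {
        const string secret = "constructed-shared-secret"; // exchanged out of band in practice
        string cookie = Seal(secret, "uid=jsmith;mail=jsmith@example.com"); // constructed identity
        Console.WriteLine(Open(secret, cookie));
        byte[] raw = Convert.FromBase64String(cookie);
        raw[^1] ^= 0x01; // simulate modification in transit (step 3)
        try { Open(secret, Convert.ToBase64String(raw)); }
        catch (CryptographicException) { Console.WriteLine("tampered cookie rejected"); }
    }
}
```

Because the receiving side authenticates the cookie before reading it, identity attributes from a cookie that fails decryption never reach the step that builds the SAML assertion.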

The following diagram shows program flow at the asserting party:

[Diagram: how the Federation Manager asserting party operates]