Open sadilchamishka opened 10 months ago
In SAML applications, the IdP certificate is retrieved from GET /identity/metadata/saml2
[1][2], We should call the same endpoint and show an option in the IDP UI to download the certificate.
[1] curl 'https://localhost:9443/t/carbon.super/identity/metadata/saml2' \ -H 'Access-Control-Allow-Origin: https://localhost:9001/t/carbon.super/console' \ -H 'Accept: application/json' \ -H 'Referer;' \ -H 'Authorization: Bearer 3d2a15ec-959e-3ae4-a26a-54062e37179a' \ -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36' \ --compressed \ --insecure
[2]
Marking as on hold as this is not currently a critical requirement.
EDIT: Currently a user can create a SAML app, download the IdP certificate from its info tab and use it to configure their external identity provider. Hence, marked as non-critical and on-hold.
Marking as on hold as this is not currently a critical requirement.
This is not a new feature. We cannot break/remove any feature (unless it's deprecated) that we already had.
Based on this comment https://github.com/wso2/product-is/issues/18020#issuecomment-1837051387, removing the on-hold label. @pavinduLakshan
If a user wants to configure Asgardeo as an external OIDC IDP, currently there is no way to download the public certificate from the OIDC application created in Asgardeo side.
Describe the issue:
When onboard a SAML IDP connection, the public certificate of the Identity server should be shared with the external IDP. The current SAML IDP connection template doesn't have an option to download/get the public certificate.
Ideally, the public certificate of the IS should be able to download from the SAML connection template to increase the user experience.
Expected behavior:
A kind of view (only the certificate) which can be seen in the SAML App info tab should be available for the SAML connection.
Environment information (Please complete the following information; remove any unnecessary fields) :