A basic website that uses SAML to authenticate users at the Curity Identity Server.
The code example demonstrates control over user attributes issued to SAML assertions.
Use the following commands to run a basic SAML flow on a local computer.
First, get a license file for the Curity Identity Server with access to the SAML feature.
Also make sure that your local computer runs Docker, the OpenSSL tool and the jq tool.
Then run the deploy script to spin up a local Curity Identity Server instance.
export LICENSE_FILE_PATH=~/Desktop/license-trial.json
./idsvr/deploy.sh
Sign in to the Admin UI at https://localhost:6749/admin with credentials admin / Password1.
Use the facilities menu to export the certificate of the default signature verification key.
Save it to the root folder of this project with the name default-signature-verification-key.pem.
The example deployment stores user accounts in a Microsoft SQL Server database.
The Data Sources README explains briefly how to connect to it and view user attributes.
Wait for a minute or so to ensure that the Curity Identity Server and database are ready.
Then run the SAML website with the following commands:
npm install
npm start
Open the browser at http://localhost:3000 and sign in as the pre-shipped user demouser / Password1.
The app runs a SAML login flow and receives a signed assertion with user attributes.
The app then runs a cookie-based web session and can implement authorization with the user attributes.
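One way to implement authorization from the session's user attributes, shown as an added example that is not part of this project's code. It assumes the login handler stored the attributes of the signature-verified assertion at req.session.user.attributes; that session shape, the function names and the attribute names and values are all hypothetical.

```javascript
// Added example: attribute names and values below are constructed, not the project's own.

// A SAML attribute can arrive as a single string or, when multi-valued, as an array.
// Normalize both forms to an array of strings; a missing attribute yields [].
function attributeValues(user, name) {
  const raw = user && user.attributes ? user.attributes[name] : undefined;
  if (raw === undefined || raw === null) return [];
  return (Array.isArray(raw) ? raw : [raw]).map(String);
}

// Pure decision function, deny by default:
// 401 when there is no session user, 403 when the attribute is absent or
// holds none of the allowed values, 200 otherwise.
function decide(user, name, allowed) {
  if (!user) return 401;
  const values = attributeValues(user, name);
  return values.some((v) => allowed.includes(v)) ? 200 : 403;
}

// Express-style middleware factory (req, res, next).
// Only attributes taken from a verified, signed assertion belong in the session.
function requireAttribute(name, allowed) {
  return function (req, res, next) {
    const user = req.session ? req.session.user : undefined;
    const status = decide(user, name, allowed);
    if (status === 200) return next();
    res.status(status).send(status === 401 ? 'Login required' : 'Forbidden');
  };
}

// Constructed sample session, as it might look after a successful SAML login.
const sampleSession = {
  user: {
    nameID: 'demouser',
    attributes: { role: ['customer', 'reader'], country: 'SE' },
  },
};
```

A route would use it as app.get('/reports', requireAttribute('role', ['reader']), handler), so the check runs on every request against the server-side session rather than on anything the browser sends.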
See the following related information for further details on SAML integrations:
Please visit curity.io for further information about the Curity Identity Server.