Verify user credentials via SAML (E-Signature)

Çağlar Arlı

I have a requirement to extend a quality assurance process in the customer's CRM system so that when the user enters some data he or she is prompted to a screen with username and password and the already logged in user is again verified. You can think of it as a means of signing a document. We have to be sure that the person filling in the data is really the person logged in.

Now we use SSO with ADFS as the IDP. Thus my question: Is it possible to craft a SAML AuthnRequest with username and password and send it via POST request to the IDP and check the response for the authentication result?

I tried searching for an example AuthnRequest, yet from my understanding you are not supposed to send the username and password in the outgoing SAML.

Is there another way to verify the user's SSO credentials for ADFS?
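
An added example, not part of the original post: SAML 2.0 defines a `ForceAuthn` attribute on `AuthnRequest` that asks the IdP to prompt the user again instead of reusing the SSO session, so the CRM never handles the password itself. The sketch builds such a request and then checks that the returned assertion shows a fresh login by the same user. It assumes the relying party trust honours `ForceAuthn`, that signature and conditions were already validated by a SAML library, and that `NameID` carries the CRM login name; all URLs, names and the sample assertion are constructed.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"s": SAML}

def build_authn_request(sp_entity_id, acs_url, idp_sso_url, now):
    """AuthnRequest carries no credentials; ForceAuthn asks the IdP to prompt again."""
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex, "Version": "2.0",
        "IssueInstant": now.strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": idp_sso_url, "AssertionConsumerServiceURL": acs_url,
        "ForceAuthn": "true"})
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = sp_entity_id
    return req

def reauth_confirmed(assertion, request_id, session_user, sent_at, now,
                     max_age=timedelta(minutes=5), skew=timedelta(seconds=60)):
    """True only if an already signature-validated assertion proves a fresh
    login by the user who owns the current CRM session."""
    name_id = assertion.findtext("s:Subject/s:NameID", namespaces=NS)
    scd = assertion.find(
        "s:Subject/s:SubjectConfirmation/s:SubjectConfirmationData", NS)
    stmt = assertion.find("s:AuthnStatement", NS)
    if name_id is None or scd is None or stmt is None:
        return False
    try:  # timestamps may carry fractional seconds and a trailing Z
        instant = datetime.fromisoformat(
            stmt.get("AuthnInstant", "").replace("Z", "+00:00"))
        # AuthnInstant must not predate our request: that would be a reused session
        fresh = sent_at - skew <= instant <= now + skew and now - instant <= max_age
    except (ValueError, TypeError):
        return False
    return (fresh and name_id == session_user
            and scd.get("InResponseTo") == request_id)

# Constructed sample assertion (not captured from a real IdP).
SAMPLE = ET.fromstring(
    f'<Assertion xmlns="{SAML}"><Subject><NameID>jdoe@example.com</NameID>'
    '<SubjectConfirmation><SubjectConfirmationData InResponseTo="_req1"/>'
    '</SubjectConfirmation></Subject>'
    '<AuthnStatement AuthnInstant="2024-05-01T10:00:30.123Z"/></Assertion>')
```

The request ID must be stored server-side with the pending signature action, so that a response to a different or older request cannot be used to confirm it.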