Skip to main content

Notifications

Announcements

Welcome to the Power Platform Communities - Lets Get Started!
News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Power Pages - Power Apps Portals / How to customize SAML ...
Power Pages - Power Apps Portals
Suggested answer

How to customize SAML Payload for Power Pages

(1) ShareShare
ReportReport
Posted on by Cadia Stands 4
I am trying to connect the out of the box Power Pages SAML Provider to use Login.gov as an Identity provider.
 
Login.gov requires specifically formatted SAML Payload that Power Pages does not provide by default, mainly regarding the AuthNContextClass attribute.
 
I do not see any way to format the SAML Payload using published methods from Microsoft in the Power Pages documentation. The redirect is coming from .../Account/Login/ExternalLogin when the signin form posts.
 
To add to this, I have seen exactly one site that is accomplishing the connection to Login.gov and decoding their SAML payload it has been customized to fit the requirements from Login.gov:
https://oscportal.powerappsportals.us/Account/Login/Register?returnUrl=%2F
 
 
I have been unable to determine how exactly the payload is being customized - not finding any Azure B2C as a middle man, and no javascript that would do this. There is zero documentation available from Microsoft in how to accomplishing this. 
 
Just curious if anyone has had any success in this area and if they could share their insight
Categories:
General
  • Suggested answer
    Jon Unzueta Profile Picture
    Jon Unzueta 751 on at
    How to customize SAML Payload for Power Pages
     

    You're absolutely right — integrating Login.gov as a SAML identity provider with Power Pages is not straightforward due to Login.gov’s strict SAML requirements, particularly around the AuthnContextClassRef attribute.

    🔍 Why This Happens

    Power Pages' out-of-the-box SAML 2.0 provider setup does not expose a way to customize the SAML request payload, including the AuthnContextClassRef, which Login.gov requires to be explicitly set (e.g., urn:oasis:names:tc:SAML:2.0:ac:classes:IAL2).

    ✅ What You Can Do

    1. Use Azure AD B2C as a Proxy (Recommended)

    Microsoft officially supports using Azure AD B2C with custom policies (IEF) to integrate with Login.gov. This allows you to:

    • Fully customize the SAML request.
    • Set the required AuthnContextClassRef.
    • Handle encryption and signing requirements.

    Once configured, you can connect Power Pages to Azure AD B2C (which then federates to Login.gov).

     Microsoft’s GitHub repo has a Login.gov + Azure AD B2C sample .

     

    2. Direct Integration with Power Pages (Not Currently Supported)

    As of now, Power Pages does not support customizing the SAML AuthN request directly. The /Account/Login/ExternalLogin endpoint is managed internally and does not allow injection or override of the AuthnContextClassRef.

    What That One Working Site Might Be Doing

    The site you referenced (oscportal.powerappsportals.us) may be:

    • Using Azure AD B2C as a proxy, but hiding it well.
    • Using a custom external identity provider with a reverse proxy or middleware.
    • Possibly using custom JavaScript or server-side logic to redirect to a pre-built SAML request (though this is unlikely without Azure B2C or a custom IdP).

    Next Steps

    If you're open to it, I can help you:

    • Set up a custom policy in Azure AD B2C for Login.gov.
    • Connect that B2C tenant to your Power Pages site.
     
    🏷️ Tag me if you have any further questions or if the issue persists.
    ✅ Click "Accept as Solution" if my post helped resolve your issue—it helps others facing similar problems.
    ❤️ Give it a Like if you found the approach useful in any way.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

Welcome to the Power Platform Communities - Lets Get Started!

Quick Links

Michael Gernaey – Community Spotlight

We are honored to recognize Michael Gernaey as our June 2025 Community…

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Announcing the Engage with the Community forum!

This forum is your space to connect, share, and grow!

Leaderboard >

Last month Overall leaderboard

Featured topics

Updates on Power Apps Portals - PLEASE READ

Product updates

Microsoft Power Platform Community release plans