The InCommon Metadata Service provides a secure and trusted mean to introduce Identity Providers (IdP) and Service Providers (SP) to each other and to exchange critical organizational identity, service location/capability, and contact information.
The metadata (InCommon Metadata) published through this service is the trusted registry of that exchange and introduction. In a very real sense, the InCommon Metadata powers the Federation.
The InCommon Federation gathers entity metadata submitted by Participants, combines them with published metadata from the eduGAIN global inter-federation, and distributes the combined dataset via a real-time metadata query service based on the Metadata Query Protocol (MDQ). Visit the new InCommon Metadata Service Wiki for details on how to use MDQ to retrieve published metadata.
When signing the InCommon Participation Agreement, a Participant agrees to provide accurate entity metadata for its IdP and SP to the InCommon Federation. InCommon staff, as the Federation Operator, validates the submitted metadata and publishes it to the registry. This process ensures the security and integrity of the SAML protocol exchanges used throughout the federation.
InCommon Federation participants can upload and manage its entity metadata via Federation Manager.
InCommon metadata conforms to the OASIS SAML V2.0 Metadata specification and is schema-valid against the OASIS SAML V2.0 Metadata schema, which is an XML Schema. A handful of extension schema published by OASIS are supported as well.
InCommon metadata is translated from XML to JSON on a daily basis. The latter are used to render the Federation Info Pages. See the wiki topic on Metadata-Driven Web Pages for more information.
A secure, offline metadata signing process aggregates metadata registered by InCommon Participants together with metadata imported from eduGAIN and pushes the signed metadata aggregates to a secure, publicly accessible metadata server.