...
The <mdattr:EntityAttributes> element and the name of the SAML Attribute (urn:oasis:names:tc:SAML:attribute:assurance-certification) are defined by the OASIS SAML V2.0 Metadata Extension for Entity Attributes and the OASIS SAML V2.0 Identity Assurance Profiles, respectively.
A complete, working metadata sample is attached to this wiki topic. To schema validate this sample metadata, you can use xmlsectool:
| Code Block | ||||
|---|---|---|---|---|
| ||||
xmlsectool.sh --validateSchema \
--schemaDirectory schema-files --inFile incommon-idp-metadata.xml
|
For convenience, we provide a set of (suitably modified) schema files that permit offline schema validation.
Issues
- The entity attribute and/or the IAQ has to be dated or versioned to indicate exactly what IAP is referred to.
...