Versions Compared


...

Note
Requirements for new entity IDs

InCommon will verify that all newly submitted entity IDs meet the following Strict requirements:

  1. An
entity ID
  1. entityID MUST be
a URI but SHOULD NOT be a URN. The entity ID SHOULD be an absolute URL with the following properties: the
  1. an absolute URI
  2. If the entityID is a URL, the host part of the URL MUST be a name rooted in
the organization's Primary DNS Domain
  1. a domain owned by the organization

Strong recommendations:

  1. An entityID SHOULD be an absolute URL starting with “https://” or “http://”
    1. The URL SHOULD
the URL MUST
    1. NOT contain a port number, a query string, or a fragment identifier
    2. The host part of the URL SHOULD NOT contain the substring “www”
    3. The URL SHOULD NOT end with a slash (/)
  1. An entityID SHOULD NOT be more than 30 characters in length

If a site administrator submits metadata with some other form of an entity ID that does not meet the above requirements, a manual vetting process is triggered, which may delay the approval process.
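The checks above can be run before submitting metadata. The following is an added example, not InCommon's own tooling; it follows the strict/recommended split as listed on this page, and `check_entity_id` and the `org_domains` input (the domains the organization owns) are assumed names.

```python
from urllib.parse import urlsplit

def check_entity_id(entity_id, org_domains):
    """Return (errors, warnings) for a proposed SAML entityID.

    errors   = strict requirements that failed (MUST)
    warnings = strong recommendations that failed (SHOULD)
    org_domains is an assumed input: DNS domains the organization owns.
    """
    errors, warnings = [], []
    try:
        parts = urlsplit(entity_id)
        port = parts.port              # raises ValueError on a malformed port
    except ValueError:
        return ["entityID is not a parseable URI"], warnings

    # Strict: an absolute URI carries a scheme.
    if not parts.scheme:
        return ["entityID must be an absolute URI"], warnings

    if len(entity_id) > 30:
        warnings.append("longer than 30 characters")

    if parts.scheme not in ("http", "https"):
        warnings.append("not an http:// or https:// URL")
        return errors, warnings        # the remaining checks apply to URLs only

    # Strict: host rooted in an owned domain. Compare on a label boundary so
    # that "evil-example.edu" does not pass as "example.edu"; urlsplit also
    # drops any "user@" prefix, so "https://example.edu@other.test" fails.
    host = (parts.hostname or "").lower().rstrip(".")
    owned = [d.lower().strip(".") for d in org_domains]
    if not any(host == d or host.endswith("." + d) for d in owned):
        errors.append("host is not rooted in a domain owned by the organization")

    if port is not None or "?" in entity_id or "#" in entity_id:
        warnings.append("contains a port number, query string, or fragment")
    if "www" in host:
        warnings.append('host contains "www"')
    if entity_id.endswith("/"):
        warnings.append("ends with a slash")
    return errors, warnings

if __name__ == "__main__":
    # Constructed sample inputs
    for eid in ("https://its.example.edu/idp", "https://www.example.edu:8443/sp/"):
        print(eid, check_entity_id(eid, ["example.edu"]))
```

A non-empty `errors` list corresponds to an entity ID that fails a strict requirement; `warnings` flag deviations from the strong recommendations.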

...

  • include the substring "idp" or "identityprovider" in an IdP entity ID
  • include the substring "sp" or "serviceprovider" in an SP entity ID
  • do not include the substring "incommon" in an entity ID
  • do not include the name of your SAML software in an entity ID ("shibboleth", "adfs", "php", etc.)
  • a URL-based entity ID starting with "https://" is more flexible than one starting with "http://"
  • avoid using the substring "www" in a URL-based entity ID
  • do not end a URL-based entity ID with a slash (/)
  • do not include a port number, a query string (?), or a fragment identifier (#) in a URL-based entity ID

Examples

IdP names:

  • https://webauth.example.edu/idp
  • https://its.example.edu/idp

...