
Warning
The InCommon Federation wiki has moved.


We have exciting news! An updated InCommon Federation wiki is now available. Please visit the new InCommon Federation Library for updated content.

This wiki is preserved for historical records only. It will no longer be updated. 

We invite you to come check out the new Library. Don't forget to update your bookmarks accordingly. 




Metadata Administration

This page is for site administrators responsible for creating and maintaining SAML metadata on behalf of their organization.

The metadata submitted by the site administrator is vetted and approved by the InCommon Registration Authority (RA). Since the security of the SAML protocol depends on the proper use of metadata, the RA checks the correctness and integrity of what is submitted by the site administrator. In particular, the RA checks that the certificates, entity ID, and endpoints in metadata meet certain basic requirements. For instance, all URIs in metadata are expected to be rooted in the primary DNS domain of the submitting organization. If not, a manual vetting process is triggered.
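A site administrator can run a similar check before submitting metadata. The following is an added example, not InCommon's own tooling: the function names, the sample metadata and the domain `example.edu` are constructed, and the matching rule (host equals the domain or is a subdomain of it, with host-less URIs flagged) is an assumption about what "rooted in" means.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample metadata (not a real InCommon entity).
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.edu/idp/shibboleth">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.edu/idp/profile/SAML2/Redirect/SSO"/>
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sso.vendor.example.com/saml/sso"/>
    <md:ArtifactResolutionService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
        Location="https://idp.notexample.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def rooted_in(uri, domain):
    """True if the URI's host is the domain itself or a subdomain of it."""
    host = (urlsplit(uri).hostname or "").lower().rstrip(".")
    domain = domain.lower().rstrip(".")
    # Compare on label boundaries so "notexample.edu" does not match "example.edu".
    return host == domain or host.endswith("." + domain)


def uris_needing_manual_vetting(metadata_xml, primary_domain):
    """Return (element, attribute, uri) for each URI outside primary_domain."""
    root = ET.fromstring(metadata_xml)
    flagged = []
    for elem in root.iter():
        tag = elem.tag.split("}")[-1]  # drop the XML namespace prefix
        for attr in ("entityID", "Location", "ResponseLocation"):
            uri = elem.get(attr)
            # Assumption: URIs with no host (e.g. URN entity IDs) are flagged too.
            if uri is not None and not rooted_in(uri, primary_domain):
                flagged.append((tag, attr, uri))
    return flagged


if __name__ == "__main__":
    for tag, attr, uri in uris_needing_manual_vetting(SAMPLE, "example.edu"):
        print(f"manual vetting: {tag}/@{attr} = {uri}")
```

When the metadata comes from an untrusted source, parse it with a hardened XML parser such as `defusedxml` instead of the standard library parser.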

...

InCommon also incorporates metadata administered by other federations.  See Interfederation and eduGAIN for more information.

Current administrative campaigns:

...

Federation Manager

A web interface called the Federation Manager is used to administer InCommon metadata. The interface supports both IdP and SP metadata. The elements of each are referenced in the following sections.

For reference, a sample interface for new IdPs is attached to this wiki page. Likewise, a sample interface for new SPs is attached.

Note

New IdPs in Metadata must meet some basic requirements before their metadata will be approved.

IdP Metadata Elements



Note

Planning to register a new IdP in metadata?


The following elements are called out in IdP metadata.

For IdP deployments based on the Shibboleth software, there is valuable information in the Shibboleth wiki regarding metadata for the Shibboleth IdP.

For a discussion of the desirability of registering test IdPs in metadata, see Test IdPs in Metadata.

SP Metadata Elements



Tip

Tips on how to manage SP metadata


The following elements are called out in SP metadata.

For SP deployments based on the Shibboleth software, there is valuable information in the Shibboleth wiki regarding metadata for the Shibboleth SP.

InCommon Extension Schema

InCommon has defined a small set of extensions to SAML metadata where necessary. An XML extension schema is provided.

...
