...
- Choose the right metadata aggregate for your particular deployment
- Deploy and configure an automated metadata refresh process:
- Configure your metadata client
- Adjust your outbound firewall rules (if necessary)
- Verify the XML signature on downloaded metadata (see below)
- Validate the expiration date on downloaded metadata (see below)
Warning: Don't forget to adjust your outbound firewall rules for all metadata endpoint locations.
Signature Verification
Federation metadata is signed for integrity and authenticity. Participants are strongly encouraged to verify the XML signature on the metadata file before use; failure to do so will seriously compromise the security of your SAML deployment.
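The expiration check from the steps above, as an added example (not code from this page or from the federation). It assumes the same bytes have already passed XML signature verification, because `validUntil` is only trustworthy once the signature over the root element has been checked. `MAX_VALIDITY`, `MetadataRejected`, `check_valid_until` and `sample` are hypothetical names, and the 14-day ceiling is an assumed local policy.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
# Assumed local policy, not a value from the page: a far-future validUntil
# would let an old, validly signed aggregate be replayed for a long time.
MAX_VALIDITY = timedelta(days=14)


class MetadataRejected(Exception):
    """The aggregate must not be loaded; keep using the last good copy."""


def parse_utc(value):
    # SAML timestamps are UTC xs:dateTime values such as
    # 2024-05-01T12:00:00Z, optionally with fractional seconds.
    if not value.endswith("Z"):
        raise MetadataRejected(f"validUntil is not UTC: {value!r}")
    try:
        parsed = datetime.strptime(value[:-1].split(".")[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        raise MetadataRejected(f"unparseable validUntil: {value!r}")
    return parsed.replace(tzinfo=timezone.utc)


def check_valid_until(xml_bytes, now=None):
    """Fail closed: a missing, expired or far-future validUntil is rejected."""
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(xml_bytes)  # input was signature-verified upstream
    if root.tag not in (f"{{{MD_NS}}}EntitiesDescriptor",
                        f"{{{MD_NS}}}EntityDescriptor"):
        raise MetadataRejected(f"unexpected root element: {root.tag}")
    raw = root.get("validUntil")
    if raw is None:
        raise MetadataRejected("root element carries no validUntil")
    until = parse_utc(raw)
    if until <= now:
        raise MetadataRejected(f"metadata expired at {raw}")
    if until - now > MAX_VALIDITY:
        raise MetadataRejected(f"validity window too long: {raw}")
    return until


def sample(attr):
    # Constructed, unsigned stand-in for an aggregate's root element.
    return f'<EntitiesDescriptor xmlns="{MD_NS}" {attr}/>'.encode()
```

On rejection, the refresh process should keep serving the previously accepted aggregate until that copy's own `validUntil` passes.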
...