- Created by Albert Wu (internet2.edu), last modified on Jun 12, 2019
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 24 Next »
Jump to:
Update Pending
This page needs content clean up.
About the InCommon Metadata Service
The InCommon Metadata Service provides a secure and trusted mean to introduce Identity Providers (IdPs) and Service Providers (SPs) to each other and to exchange critical organizational identity, service location/capability, and contact information.
The metadata (InCommon Metadata) published through this service is the trusted registry of that exchange and introduction. In a very real sense, the InCommon Metadata powers the Federation.
Using the InCommon metadata
The InCommon Federation gathers entity metadata submitted by Participants, aggregates it with published metadata from the eduGAIN global inter-federation, and distributes it as a series of metadata aggregates.
For more information see InCommon Metadata Service Wiki.
Managing your InCommon metadata
As part of complying with the InCommon Participation Agreement, Participants agrees to provide accurate entity metadata for their IdPs and SPs to the InCommon Federation via Federation Manager. InCommon staff, as the Federation Operator, validates the submitted metadata and publishes it to the registry. This process ensures the security and integrity of the SAML protocol exchanges used throughout the federation.
InCommon Federation participants can upload and manage its entity metadata via Federation Manager.
Transitioning to a queryable Metadata Service
Starting July 2019, the InCommon Federation transitions to a new metadata query service based on the Metadata Query Protocol. An MDQ-based service allows metadata consumers to lookup individual entity metadata at run time through web query. There is no more need to download and pre-load a large metadata aggregate at system start up time.
For a limited time, the legacy metadata aggregates is still available at its previous location.
Eventually the unwieldy metadata aggregates will give way to per-entity distribution methods such as those based on the Metadata Query Protocol.
Technical information on metadata format
InCommon metadata conforms to the OASIS SAML V2.0 Metadata specification and is schema-valid against the OASIS SAML V2.0 Metadata schema, which is an XML Schema. A handful of extension schema published by OASIS are supported as well.
InCommon metadata is translated from XML to JSON on a daily basis. The latter are used to render the Federation Info Pages. See the wiki topic on Metadata-Driven Web Pages for more information.
A secure, offline metadata signing process aggregates metadata registered by InCommon Participants together with metadata imported from eduGAIN and pushes the signed metadata aggregates to a secure, publicly accessible metadata server.
Further Reading
- Consume InCommon metadata
- Publish metadata in InCommon
- Metadata signing process
- Managing trust in keys used for metadata
- Metadata-Driven Web Pages
- Shibboleth documentation on metadata
configure Download InCommon metadata
In this section
Related content
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
Get help
Can't find what you are looking for?
- No labels