You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

Frequently Asked Questions

These are frequently asked questions (FAQs) regarding the metadata-driven web pages.

Terminology

What is SAML?

For information about Security Assertion Markup Language (SAML), visit the SAML section of this wiki.

What is an IdP?

An Identity Provider (IdP) is a SAML entity that authenticates and identifies users. In a technical sense, an IdP produces SAML assertions containing a security context for an authenticated user.

What is an SP?

A Service Provider (SP) is a SAML entity that consumes SAML assertions for the purpose of provisioning a security context to applications just-in-time.

What is a category?

A category is a group of SAML entities with similar characteristics. For example, the Research and Scholarship Category is a group of SPs that support research and scholarly activities in the InCommon Federation.

General Questions

What are metadata-driven web pages?

The metadata-driven web pages are dynamic web pages derived entirely from InCommon metadata.

What are entity info pages?

An entity info page includes information about one specific SAML entity (an identity provider or a service provider) in Federation metadata.

What do the entity info pages contain?

Each entity page contains:

  • the name and logo of the identity provider or service provider
  • a short description of the identity provider or service provider
  • a URL that leads to additional information
  • a URL that leads to a privacy statement
  • contact information (names and email addresses for the administrative, technical, and support contacts in metadata)
  • for service providers, a list of requested attributes in metadata

What are MDUI elements?

MDUI elements in Federation metadata are used by downstream applications to construct rich, dynamic user interfaces (UIs). Specifically, user interface elements in IdP metadata are used for the discovery and error pages at the service provider, while user interface elements in SP metadata are used for the login, consent, and error pages at the identity provider. The goal is to unify the various user interfaces associated with cross-domain single sign-on, thereby enhancing the overall user experience.

How do I add MDUI elements to my metadata?

Detailed instructions, including screen shots, are available on the User Interface Elements page in this wiki.

Why can’t I change the name of my identity provider?

Currently, to insure accurate representation of IdPs on discovery interfaces, the Federation operator is authoritative for the display names of identity providers. Therefore it is not possible for site admins to change the display name of their IdP directly. If you think the display name of your IdP should be changed, please contact admin@incommon.org.

I can’t find a page for my service provider! What’s up with that?

If your service provider is listed in InCommon metadata, then there's an entity page for it (if not, that's a bug). There's a catch-all "other" category for SPs that don't have display names. Most likely, your SP falls into that category. You can fix this simply by providing a display name for your SP. See the User Interface Elements page in this wiki for details.

Why doesn’t my service provider have a name?

By default, a service provider's name is its entityID in metadata. To change this to something more readable, include an <mdui:DisplayName> element in your SP's metadata. See the UI Elements in SP Metadata page in this wiki for details.

I updated my InCommon metadata but the changes did not appear on my entity page?

The entity pages rely on metadata in JSON format. An automatic process converts XML metadata into JSON metadata once a day, so it may take up to 24 hours for your changes to take effect. See the MD-driven Web Page Architecture page in this wiki for details.

The logo takes a very long time to display on my entity page, what should I do?

Since the entity pages resolve an image resource that resides in another security domain, some delay is expected. If you find this delay to be annoying, please contact us (admin@incommon.org) and let us know.

One of the links on the entity page is broken, who should I report this to?

Oops, that means a broken link was entered into metadata. Please drop us a line at admin@incommon.org and we'll take care of this.

Can I link to an entity page from one of my own web pages?

Yes, of course, but the entity pages are still in beta and they are likely to move in the future. If they are moved, we will be careful to put redirects in their place, but it's your responsibility to maintain your own links.

  • No labels