
Metadata Administration

This page is for site administrators responsible for creating and maintaining SAML metadata on behalf of their organization. For a high-level overview of InCommon Federation metadata, please visit our web site.

The metadata submitted by the site administrator is vetted and approved by the InCommon Registration Authority (RA). Since the security of the SAML protocol depends on the proper use of metadata, the RA checks the correctness and integrity of what is submitted by the site administrator. In particular, the RA checks that the certificates and endpoints in metadata meet certain basic requirements. For instance, all URIs in metadata are expected to be rooted in the primary DNS domain of the submitting organization. If not, a manual vetting process is triggered.
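The domain-rooting check described above can be approximated locally before submitting metadata. The following is an added example, not InCommon's or the RA's own code: the organization `example.edu`, the sample metadata, the function names and the choice of attributes to inspect (`entityID`, `Location`, `ResponseLocation`) are all assumptions, and "rooted in the primary DNS domain" is interpreted here as an http(s) URI whose host equals that domain or is a subdomain of it.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample metadata for a hypothetical organization, example.edu.
SAMPLE_METADATA = """\
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.edu/idp/shibboleth">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.edu/idp/profile/SAML2/Redirect/SSO"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sso.notexample.edu/idp/profile/SAML2/POST/SSO"/>
    <ArtifactResolutionService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
        Location="https://idp.example.edu.hosting.example.net:8443/idp/SOAP"/>
  </IDPSSODescriptor>
</EntityDescriptor>
"""

def host_in_domain(host, primary_domain):
    # Compare on a DNS label boundary so "notexample.edu" does not pass for "example.edu".
    host = (host or "").lower().rstrip(".")
    domain = primary_domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def uris_needing_manual_vetting(metadata_xml, primary_domain):
    # Returns (attribute, uri) pairs that are not http(s) URIs under primary_domain.
    # For metadata from an untrusted source, parse with a hardened parser (e.g. defusedxml).
    root = ET.fromstring(metadata_xml)
    flagged = []
    for el in root.iter():
        for attr in ("entityID", "Location", "ResponseLocation"):
            uri = el.attrib.get(attr)
            if uri is None:
                continue
            try:
                parts = urlsplit(uri)
                ok = (parts.scheme in ("http", "https")
                      and host_in_domain(parts.hostname, primary_domain))
            except ValueError:  # malformed URI, e.g. a broken IPv6 literal
                ok = False
            if not ok:
                flagged.append((attr, uri))
    return flagged

if __name__ == "__main__":
    for attr, uri in uris_needing_manual_vetting(SAMPLE_METADATA, "example.edu"):
        print(f"manual vetting likely: {attr}={uri}")
```

Both flagged endpoints contain the string `example.edu` but are not under that domain, which is why a plain substring or suffix comparison is not sufficient for this check.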

Web Interface

A web interface is used to administer InCommon metadata. The interface supports both IdP and SP metadata. The elements of each are referenced in the following sections.

For convenience, a sample interface for new IdPs is attached to this wiki page. Likewise, a sample interface for new SPs is attached. To actually create metadata for a new IdP or SP, or to edit the metadata for an existing IdP or SP, log in to the web interface with the credentials that were issued to you when your organization joined InCommon. Alternatively, a site administrator may delegate administration of SP metadata to another individual.

IdP Metadata Elements

The following elements are called out in IdP metadata.

For IdP deployments based on the Shibboleth software, there is valuable information in the Shibboleth wiki regarding metadata for the Shibboleth IdP.

SP Metadata Elements

The following elements are called out in SP metadata.

For SP deployments based on the Shibboleth software, there is valuable information in the Shibboleth wiki regarding metadata for the Shibboleth SP.

InCommon Extension Schema

InCommon has defined a small set of extensions to SAML metadata where necessary. An XML extension schema is provided.

