The Incommon Federation wiki has moved.

Please visit the new InCommon Federation Library wiki for updated content. Remember to update your bookmarks.

Click in the link above if you are not automatically redirected in 15 seconds.



You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 29 Next »

User Interface Elements in IdP Metadata

This page describes how an IdP metadata administrator adds user interface elements to metadata. These elements are used by SP implementations to enhance their user interfaces. See the section on InCCollaborate:software support for a complete list of supported applications.

Contents:

Updating IdP Metadata

Login to the metadata administrative interface as usual. Along the left hand side, click on the link "Identity Provider Metadata Wizard," click "Edit," and then click "Add New User Interface Elements". A web form to enter the new elements will appear (see screen shot to the right).

When you press "Save," an <mdui:UIInfo> extension element is inserted into your metadata. From that point forward, you manage these elements the same as you would any other metadata element.

User Interface Elements

All of the input fields below except Display Name are optional for IdPs.

IdP Display Name

Typically, the value of the IdP Display Name field will be presented on discovery service interfaces. If the corresponding element does not exist in metadata, applications usually fall back on the <md:OrganizationDisplayName> element. The latter is a poor substitute for the IdP Display Name, however, since it assumes an organization deploys at most one IdP.

This element is REQUIRED in InCommon metadata.

IdP Description

A brief description (140 characters or less) of the IdP service may be provided. On systems that support a pointing device (such as a mouse), the description will pop up when the user hovers over the IdP Display Name.

This element is optional in InCommon metadata but IdP operators are encouraged to supply it.

IdP Information URL

A link to a more comprehensive information page may be provided. This page should expand on the content of the IdP Description field.

This element is optional.

IdP Privacy Statement URL

A link to the IdP's Privacy Statement may be provided. This Privacy Statement should be targeted at end users.

This element is optional. It is recommended that IdPs use this URL to point directly (or indirectly through another document) to the IdP's Attribute Release Process.

IdP Logo URL

The IdP Logo URL is optional but there are applications that can leverage the corresponding element in metadata. A discovery service, for example, may use a visual cue (i.e., a logo) instead of or in addition to the IdP Display Name.

IdP operators are encouraged to provide a IdP Logo URL that satisfies the following requirements:

  • the IdP Logo URL must be specified using an HTTPS URL
  • the resource at the IdP Logo URL must be a public image resource
  • the host in the IdP Logo URL must reside in a domain owned by the IdP

The first two are technical requirements whereas the latter is a policy requirement. These are the only strict requirements of an IdP Logo URL in metadata.

Logo HTTPS URL

The server that serves the logo resource should be protected with an SSL/TLS certificate trusted by the browser (i.e., not a self-signed certificate), otherwise the logo may not appear on a dynamically generated web page.

The actual size of the logo may vary. You will be asked to enter the actual width and height of the logo (in pixels). A typical application expects a maximum height of 150 pixels, and if need be, will scale the logo proportionally based on the actual width and height entered into metadata.

Generally useful logos will have the following characteristics:

  • the logo should have a transparent background
  • the logo should have a landscape orientation (width > height)
  • the logo should have a minimum width of 100 pixels
  • the logo should have a minimum height of 75 pixels and a maximum height of 150 pixels (or the application will scale it proportionally)

Logos that meet the minimum width and height requirements can be scaled down by the application as needed. Logos that do not meet the minimum width and height requirements may be ignored by applications.

There is no consensus as to what constitutes an optimal aspect ratio. For some applications, an aspect ratio between 4:3 and 16:9 is considered optimal. Other applications will have a page layout such that an approximate 2.5 aspect ratio is optimal. A future version of the administrative interface will accept multiple logo URLs so that sites may present a variety of logos to applications.

Software Support

The InCommon Federation entity information pages display the values of all user interface elements in metadata. The information pages are refreshed daily, in parallel with InCommon metadata.

To our knowledge, the only application that supports the <mdui:UIInfo> extension element in IdP metadata is the Shibboleth Embedded Discovery Service. If you know of other software applications that support <mdui:UIInfo>, please share this information with the community.

#trackbackRdf ($trackbackUtils.getContentIdentifier($page) $page.title $trackbackUtils.getPingUrl($page))
  • No labels