The new InCommon Metadata Distribution Service, based on the Metadata Query (MDQ) protocol, is now available as a Release Candidate. This new service supports realtime per-entity metadata query. It eliminates the need for metadata consumers to load the entire metadata aggregate and saves a ton of system resources and start up time.
InCommon will transition to this new service in the coming months. To begin working with it, visit the new InCommon Metadata Service Wiki.
The InCommon Metadata Service provides a secure and trusted mean to introduce Identity Providers (IdPs) and Service Providers (SPs) to each other and to exchange critical organizational identity, service location/capability, and contact information.
The metadata (InCommon Metadata) published through this service is the trusted registry of that exchange and introduction. In a very real sense, the InCommon Metadata powers the Federation.
The InCommon Federation gathers entity metadata submitted by Participants, aggregates it with published metadata from the eduGAIN global inter-federation, and distributes it as a series of metadata aggregates. Participants download the metadata aggregate from the distribution server and configure the IdP or SP software to read the downloaded copy.
See Download InCommon metadata to find available aggregates.
Also see Consume InCommon metadata to learn best practices when configuring your IdP or SP to consume InCommon metadata.
Managing your InCommon metadata
As part of complying with the InCommon Participation Agreement, Participants agrees to provide accurate entity metadata for their IdPs and SPs to the InCommon Federation via Federation Manager. InCommon staff, as the Federation Operator, validates the submitted metadata and publishes it to the registry. This process ensures the security and integrity of the SAML protocol exchanges used throughout the federation.
InCommon Federation participants can upload and manage its entity metadata via Federation Manager.
In July 2019, the InCommon Federation will launch the Release Candidate version of its new Metadata Query Protocol (MDQ) based Metadata query service. The MDQ-based service allows metadata consumers to lookup individual entity metadata at run time through web query. There is no more need to download and pre-load a large metadata aggregate at system start up time. The MDQ-based metadata service will eventually replace the current aggregates.
For more information on how to use the new metadata service, see InCommon Metadata Service Wiki.
InCommon metadata conforms to the OASIS SAML V2.0 Metadata specification and is schema-valid against the OASIS SAML V2.0 Metadata schema, which is an XML Schema. A handful of extension schema published by OASIS are supported as well.
A secure, offline metadata signing process aggregates metadata registered by InCommon Participants together with metadata imported from eduGAIN and pushes the signed metadata aggregates to a secure, publicly accessible metadata server.
Can't find what you are looking for?