All of each entity's metadata is contained in an
<EntityDescriptor> XML element with an
entityID XML attribute. This entityID must be globally unique and, therefore, must in the form of a URL rooted in the entity's organization's domain, as described in saml-metadata-entityid. For more information, see:
These elements provide contact information for people who have various roles (administrative, technical, security, and support) for the entity, as described in saml-metadata-contacts. For more information, see:
The <Organization> element provides information about the organization that is legally responsible for the entity, including the organization's legal name, preferred display name, and home page URL. This information is vetted by InCommon and stored in the metadata for all of the organization's entities.
These elements provide information to help end users to navigate the handoffs between a Service Provider and the user's Identity Provider during discovery and login, as described in saml-metadata-mdui-elements and saml-metadata-error-url. For more information, see:
These are the signing and encryption keys associated with the Connection Endpoints to verify authenticity and provide privacy of the information exchanged, as described in saml-metadata-cryptographic-keys.
Qualifications and capabilities are formal assertions of specific information about the entity, generally related to how it should be treated by other entities, as described in metadata-qualifications-and-capabilities.
For more information, see:
This element identifies the registration authority (i.e., the entity's federation) that enrolled this entity, verified its contacts, and reviewed its entity attributes (when review is required). For more information, see:
In addition to the information provided for each entity, there is information that allows you to verify the organization (in this case, InCommon) that publishes the metadata that you retrieve.
<mdrpi:PublicationInfo>element. For aggregates published by InCommon, this is
. For more information, see:
<Signature>element can be (and should be) used to verify that the information was signed by the private key held by the expected publisher.
The following metadata elements also appear in InCommon metadata:
The SAML representation of InCommon metadata is defined in
Please see the OASIS SAML Wiki for current versions of these documents. Other specifications may apply in specific circumstances, as noted in the pages linked below. (Note: Per the eduGAIN Policy Framework, the "md:" XML namespace prefix indicated below does not always appear in distributed metadata. In particular, InCommon-registered metadata does not include the prefix.)