These are frequently asked questions (FAQs) regarding the metadata-driven web pages.
For information about Security Assertion Markup Language (SAML), visit the SAML section of this wiki.
An Identity Provider (IdP) is a SAML entity that authenticates and identifies users. In a technical sense, an IdP produces SAML assertions containing a security context for an authenticated user.
A Service Provider (SP) is a SAML entity that consumes SAML assertions for the purpose of provisioning a security context to applications just-in-time.
A category is a group of SAML entities with similar characteristics. For example, the Research and Scholarship Category is a group of SPs that support research and scholarly activities in the InCommon Federation.
The metadata-driven web pages are dynamic web pages whose content is derived entirely from InCommon metadata. Examples of metadata-driven web pages include the entity info pages and the organization info pages.
The metadata-driven web pages rely on metadata in JSON format. An automatic process converts XML metadata into JSON metadata once a day, so it may take up to 24 hours for your changes to take effect. See the MD-driven Web Page Architecture page in this wiki for details.
Oops, that means a broken link was mistakenly entered into metadata. Please drop us a line at firstname.lastname@example.org and we'll take care of this.
Yes, of course, but the metadata-driven web pages are still in beta and they are likely to move in the future. If they are moved, we will be careful to install redirects if necessary, but it's your responsibility to maintain your own links.
We provide lists of all entities in Federation metadata. Individual entity info pages include information about a specific SAML entity (an identity provider or a service provider) in Federation metadata.
Each entity page contains:
MDUI elements are User Interface Elements in metadata that are used by downstream applications to construct rich, dynamic user interfaces (UIs). Specifically, UI elements in IdP metadata are used for the discovery and error pages at the service provider, while UI elements in SP metadata are used for the login, consent, and error pages at the identity provider. The goal is to unify the various user interfaces associated with cross-domain single sign-on, thereby enhancing the overall user experience.
Detailed instructions, including screen shots, are available on the User Interface Elements page in this wiki.
Currently, to insure accurate representation of IdPs on discovery interfaces, the Federation operator is authoritative for the display names of identity providers. Therefore it is not possible for site admins to change the display name of their IdP directly. If you think the display name of your IdP needs to be changed, please contact email@example.com.
If your service provider is listed in InCommon metadata, then there's an entity page for it (if not, that's a bug). There is, however, a catch-all "other" category for SPs that don't have display names. Most likely, your SP falls into that category. You can fix this simply by providing a display name for your SP. See the User Interface Elements page in this wiki for details.
By default, a service provider's name is its
entityID in metadata. To change the name to something more readable, simply include an
<mdui:DisplayName> element in your SP's metadata. See the UI Elements in SP Metadata page in this wiki for details.
Since the entity pages attempt to resolve an image resource that resides in another security domain, some delay is expected. If you find this delay to be annoying, please contact us (firstname.lastname@example.org) and let us know.
We provide lists of all organizations in Federation metadata. Individual organization info pages include information about a specific organization in Federation metadata.
Each organization page contains:
All information on these pages is derived from InCommon metadata, and therefore the lists of organizations include only those InCommon participants with published metadata. Visit the InCommon Participants page for a complete list of all participating organizations.
If your organization is not currently a member of the InCommon Federation (and therefore not represented on these info pages), please join the Federation! All InCommon participants are eligible and encouraged to take advantage of all that federated identity and access management has to offer.