This page describes how an IdP metadata administrator adds user interface elements to metadata. These elements are used by SP implementations to enhance their user interfaces. See the section on software support for a complete list of supported applications.
Contents:
Login to the metadata administrative interface as usual. Along the left hand side, click on the link "Identity Provider Metadata Wizard," click "Edit," and then click "Add New User Interface Elements". A web form to enter the new elements will appear (see screen shot to the right).
When you press "Save," an <mdui:UIInfo> extension element is inserted into your metadata. From that point forward, you manage these elements the same as you would any other metadata element.
All of the input fields below except Display Name are optional for IdPs.
The value of IdP Display Name inherits from the existing <md:OrganizationDisplayName> element in IdP metadata. Since the Federation is authoritative for the latter, the former is non-editable by the user.
Typically, the value of the IdP Display Name field will appear on the drop-down menu of discovery service interfaces. If the corresponding element does not exist in metadata, applications are required to fall back on the <md:OrganizationDisplayName> element. Since the two are necessarily the same in InCommon metadata, the same name will appear in the discovery interface in either case.
This element is required in InCommon metadata.
A brief description (140 characters or less) of the IdP service may be provided. On systems that support a pointing device (such as a mouse), the description will pop up when the user hovers over the IdP Display Name.
This element is optional in InCommon metadata but IdP operators are encouraged to supply it.
A link to a more comprehensive information page may be provided. This page should expand on the content of the IdP Description field.
This element is optional.
A link to the IdP's Privacy Statement may be provided. This Privacy Statement should be targeted at end users.
This element is optional. It is recommended that IdPs use this URL to point directly (or indirectly through another document) to the IdP's Attribute Release Process.
The IdP Logo URL is optional but there are applications that can leverage the corresponding element in metadata. A discovery service, for example, may use a visual cue (i.e., a logo) instead of or in addition to the IdP Display Name.
IdP operators are encouraged to provide a IdP Logo URL that satisfies the following requirements:
The first two are technical requirements whereas the latter is a policy requirement. These are the only strict requirements of an IdP Logo URL in metadata.
The actual size of the logo may vary. You will be asked to enter the actual width and height of the logo (in pixels). A typical application expects a maximum height of 150 pixels, and if need be, will scale the logo proportionally based on the actual width and height entered into metadata.
Generally useful logos will have the following characteristics:
Logos that meet the minimum width and height requirements can be scaled down by the application as needed. Logos that do not meet the minimum width and height requirements may be ignored by applications.
There is no consensus as to what constitutes an optimal aspect ratio. For some applications, an aspect ratio between 4:3 and 16:9 is considered optimal. Other applications will have a page layout such that an approximate 2.5 aspect ratio is optimal. A future version of the administrative interface will accept multiple logo URLs so that sites may present a variety of logos to applications.
The InCommon Federation entity information pages display the values of all user interface elements in metadata. The information pages are refreshed daily, in parallel with InCommon metadata.
To our knowledge, the only application that supports the <mdui:UIInfo> extension element in IdP metadata is the Shibboleth Embedded Discovery Service. If you know of other software applications that support <mdui:UIInfo>, please share this information with the community.