[Shibboleth Metadata Management UI/UX] All Content FeedConfluence Syndication Feedhttps://spaces.at.internet2.eduDeployment Instructionssean.porth@at.internet2.edutag:spaces.at.internet2.edu,2009:page-172263803-122024-03-26T17:08:20Z2020-09-10T17:08:42Z<div class="feed"> <p>
Page
<b>edited</b> by
<a href=" https://spaces.at.internet2.edu/display/~sean.porth@at.internet2.edu
">sean.porth@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p><style type='text/css'>/*<![CDATA[*/
div.rbtoc1711638417701 {padding: 0px;}
div.rbtoc1711638417701 ul {margin-left: 0px;}
div.rbtoc1711638417701 li {margin-left: 0px;padding-left: 0px;}
/*]]>*/</style><div class='toc-macro rbtoc1711638417701'>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-Requirements'>Requirements</a></li>
<li><a href='#DeploymentInstructions-Downloads'>Downloads</a></li>
<li><a href='#DeploymentInstructions-ConfigurationNotes'>Configuration Notes</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-DemoEnvironment'>Demo Environment</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-DockerTestbed'>Docker Testbed</a></li>
</ul>
</li>
</ul>
</li>
<li><a href='#DeploymentInstructions-DeploymentOptions'>Deployment Options</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-DeploymentviaDocker'>Deployment via Docker</a></li>
<li><a href='#DeploymentInstructions-DeploymentviaembeddedTomcatmode'>Deployment via embedded Tomcat mode</a></li>
<li><a href='#DeploymentInstructions-Deploymentviaexternalservletcontainer(Tomcat,Jettyetal)'>Deployment via external servlet container (Tomcat, Jetty et al)</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-ConfigureHTTPS'>Configure HTTPS</a></li>
</ul>
</li>
</ul>
</li>
<li><a href='#DeploymentInstructions-auth.optsAuthenticationOptions'>Authentication Options</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-Default-Single"root"user'>Default - Single "root" user</a></li>
<li><a href='#DeploymentInstructions-UsersDefinedviaFile'>Users Defined via File</a></li>
<li><a href='#DeploymentInstructions-UsersAuthenticatedviaShibbolethIDP'>Users Authenticated via Shibboleth IDP</a></li>
</ul>
</li>
<li><a href='#DeploymentInstructions-ConfigurationProperties'>Configuration Properties</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-DatabaseConfigurationviaapplication.yaml'>Database Configuration via application.yaml</a></li>
<li><a href='#DeploymentInstructions-app.propsapplication.propertiessettings'>application.properties settings</a></li>
<li><a href='#DeploymentInstructions-AdditionalConfigurationviaYAMLProperties'>Additional Configuration via YAML Properties</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-Attributes(forAttributeRelease)'>Attributes (for Attribute Release)</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-Defaultsattributes'>Defaults attributes</a></li>
</ul>
</li>
<li><a href='#DeploymentInstructions-RelyingPartyOverrides'>Relying Party Overrides</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-Defaultproperties'>Default properties</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
<li><a href='#DeploymentInstructions-StepstointegrateaSAML2basedIdPwithShibUI'>Steps to integrate a SAML2 based IdP with ShibUI</a>
<ul class='toc-indentation'>
<li><a href='#DeploymentInstructions-UsingTestbedEnvironment:'>Using Testbed Environment:</a></li>
<li><a href='#DeploymentInstructions-ShibUISetup'>ShibUI Setup</a></li>
<li><a href='#DeploymentInstructions-ShibbolethIdPSetup'>Shibboleth IdP Setup</a></li>
</ul>
</li>
<li><a href='#DeploymentInstructions-SuggestedSetupNote'>Suggested Setup Note</a></li>
<li><a href='#DeploymentInstructions-UserMaintenance'>User Maintenance</a></li>
<li><a href='#DeploymentInstructions-TAPBeaconinstrumentation'>TAP Beacon instrumentation</a></li>
</ul>
</div></p><p><br/></p><p>The SAML Metadata Configuration Manager (MCM) is built as a Java Spring Boot (<span> </span><a class="external-link" href="https://spring.io/projects/spring-boot" rel="nofollow">https://spring.io/projects/spring-boot</a><span> </span>) application. It can be run as a standalone web application that has Tomcat embedded in it. The same WAR file can be deployed into an external servlet container (standalone Tomcat etc). It can also be deployed using a Docker image. And in the Docker realm, the project also provides a full "testbed environment" that includes a database, an IdP, a LDAP server, etc.</p><p>The MCM currently supports three distinct roles:</p><ul><li><strong>ROLE_ADMIN</strong><span> </span>-- No limits, can do anything the MCM supports. Currently, Metadata Provider configuration (and filter configuration) requires<span> </span><strong>ROLE_ADMIN</strong><span> </span>access</li><li><strong>ROLE_USER</strong><span> </span>-- These users can only add individual metadata sources (single entityID SP metadata file), and modify metadata sources that they created. And when creating a new SP entry, that SP metadata will not be active until after a user with<span> </span><strong>ROLE_ADMIN<span> </span></strong>approves it.</li><li><strong>ROLE_ENABLE</strong><span> </span>– These are "enhanced" ROLE_USER users that have the ability to<span> </span><strong>enable/publish</strong><span> </span>SP metadata but cannot access/configure Metadata Provider (and filter) configurations</li></ul><h1 id="DeploymentInstructions-Requirements">Requirements</h1><ul><li>The MCM requires a relational database for persistent storage. Out of the box you can run the application using an in memory database to get familiar with the application but you will need a permanent data store in order to retain configurations</li><li>Java 11+ - the Docker version of the deployment includes the needed Java environment to run the application</li></ul><h1 id="DeploymentInstructions-Downloads">Downloads</h1><ul><li>WAR releases available at:<span> </span><a class="external-link" href="https://github.internet2.edu/TIER/shib-idp-ui/releases" rel="nofollow">https://github.internet2.edu/TIER/shib-idp-ui/releases</a></li><li>Docker image available at:<span> </span><a class="external-link" href="https://hub.docker.com/r/i2incommon/shib-idp-ui/tags" rel="nofollow">https://hub.docker.com/r/i2incommon/shib-idp-ui/tags</a></li></ul><h1 id="DeploymentInstructions-ConfigurationNotes">Configuration Notes</h1><p>The following are some things that are useful to consider and know regardless of which deployment model you choose to go with.</p><p>Much of the behavior of the MCM can be set and controlled through properties files which can be in one or both of the following formats:</p><ul><li>A Spring property file – a simple text file with a property name, equals sign, and the property value, one per line. This file is named:<span> </span><em>application.properties</em></li><li>a YAML format file, named<span> </span><em>application.yml</em></li></ul><p>The MCM comes with basic examples of both types of properties files.</p><p>The example application.properties file includes the core settings for authentication, database connection information, users file, the directory/location settings for where the MCM should write out the metadata files and metadata-providers.xml file it manages, etc.</p><p>The example application.yml file contains all the settings that impact the information, options, list elements, etc. that are actually shown in the UI.</p><p>There is no reason that you need to keep that distinction; you could manage everything through a single properties or YAML-format file if you wanted. On the other hand, it can be a convenient distinction to keep the core "internal/baked-in settings" distinct from the "front-end/UI" settings. By default, property sources named `application.properties` and `application.yml` will be recognized by Spring Boot and merged at runtime to form a finalized `Environment` object holding all the properties gathered from all the property sources locations. Details on the properties that can/should be configured are detailed later in this document.</p><h2 id="DeploymentInstructions-DemoEnvironment">Demo Environment</h2><h3 id="DeploymentInstructions-DockerTestbed">Docker Testbed</h3><p>There are multiple "Testbed" environments that you can run that are available in the repository (in the testbed folder of the repository project). The instances include various database setups as simple examples of how to quickly run the application configured for each database (Maria, Postgres, SQL Server, MySQL).</p><p>There is also a fully integrated example in the testbed folder in the <strong>integration</strong><span> </span>folder. It includes the:</p><ul><li>SAML MCM</li><li>a Shibboleth IdP<ul><li>with a shared filesystem between the MCM and Shibboleth IdP</li></ul></li><li>an LDAP server as the base credential/attribute store for the IdP</li><li>a Postgres database image for the MCM's persistent database.</li></ul><p>To setup the "Testbed", you will need to:</p><ul><li>Create local DNS entries for idp.unicon.local and shibui.unicon.local pointing to 127.0.0.1. If you want to use other DNS names you can change the Host in the docker-compose.yml, <em>traefik.http.routers.idp.rule</em> and <em>traefik.http.routers.shibui.rule</em></li><li><p class="auto-cursor-target">Clone the repository:</p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><p style="text-align: left;"><code class="bash plain" style="text-align: left;">$> git clone https:</code><code class="bash plain" style="text-align: left;">//github</code><code class="bash plain" style="text-align: left;">.<a class="external-link" href="http://internet2.edu">internet2.edu</a></code><code class="bash plain" style="text-align: left;">/TIER/shib-idp-ui</code><code class="bash plain" style="text-align: left;">.git</code></p></td></tr></tbody></table></div></li></ul><ul><li><strong>cd</strong><span> </span>into<span> <em>shib-ui/</em></span><em>testbed/integration</em></li><li>Run the following command:<br/><code>docker compose up</code></li></ul><p>Once Docker has completed the startup of all containers you can access the SAML MCM login screen with the following URL:</p><pre><code>https://shibui.unicon.local
</code></pre><ul><li>Default userid = root</li><li>Default password = letmein7</li></ul><h1 id="DeploymentInstructions-DeploymentOptions">Deployment Options</h1><h2 id="DeploymentInstructions-DeploymentviaDocker">Deployment via Docker</h2><p>The Docker image of the SAML MCM follows the TIER Docker packaging standards, utilizing CentOS7, the Zulu JDK, supervisor, and the TIER Beacon configuration.</p><p>Basic usage:</p><p><br/></p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence">docker run -p 8080:8080 -v <your local application.properties>:/opt/shibui/application.properties i2incommon/shib-idp-ui</pre>
</div></div><p><code><br class="auto-cursor-target"/></code>You will want to create a local application.properties file that contains the core application settings you want overriding the defaults that are in the SAML MCM war file. Your file should be mounted at the location /opt/shibui/application.properties.<span> </span></p><p>The current set of supported properties can be found <a href="#DeploymentInstructions-app.props">here</a>.</p><p>Note: If you did not set an explicit password in your local application.properties then you will have to look at the startup "console messages" and find the one generated at startup. Look for the line: <span> </span><strong>Using generated security password:</strong>. The username is:<span> </span><strong>user</strong><code>
</code></p><h2 id="DeploymentInstructions-DeploymentviaembeddedTomcatmode">Deployment via embedded Tomcat mode</h2><p><span style="color: rgb(0,0,0);">The SAML MCM war file includes an embedded Tomcat mode allowing you to run the application without any external dependencies beyond your configuration overrides.</span></p><p><span style="color: rgb(0,0,0);">The following example shows how you can override the default database and use mariadb instead. Example application.yml(s) for configuring common RDBMS can be found in the github <a class="external-link" href="https://github.internet2.edu/TIER/shib-idp-ui/tree/master/testbed">repository</a>.</span></p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence">shibui:
default-password: "{noop}pass"
spring:
datasource:
platform: mysql
driver-class-name: org.mariadb.jdbc.Driver
url: jdbc:mariadb://localhost:3306/shibui
username: shibui
password: shibui
jpa:
properties:
hibernate:
dialect: org.hibernate.dialect.MariaDB103Dialect</pre>
</div></div><p>Note: You need to list an "encryption scheme" for the default-password which is what the '{noop}' is preceding it. More info on the encryption scheme can be found <a href="#DeploymentInstructions-auth.opts">here</a>.</p><p><br/></p><p>Then you will run the war and tell Spring Boot where to find the externalized<span> </span><strong>application.yml</strong>.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence">java -Xmx1g -jar shibui-1.18.0.war --spring.config.additional-location=file:/etc/shibboleth-ui/</pre>
</div></div><p>You can then access the application on<span> </span><a class="external-link" href="http://localhost:8080/" rel="nofollow">http://localhost:8080</a> and login as root with the password you set in application.yml<br/><br/></p><h2 id="DeploymentInstructions-Deploymentviaexternalservletcontainer(Tomcat,Jettyetal)">Deployment via external servlet container (Tomcat, Jetty et al)</h2><p>This section describes how to deploy Shibboleth UI application as web archive with external configuration sources which override default configuration setting embedded in Shibboleth UI war to external Tomcat servlet container.</p><p>Shibboleth UI is a Spring Boot web application which supports all standard Spring Boot property sources and configuration options. So, let's assume that our external configuration directory is `/etc/shibboleth-ui`. By default, property sources named `application.properties` and `application.yml` will be recognized by Spring Boot and merged at runtime to form a finalized `Environment` object holding all the properties gathered from all the property sources locations and then available to configure Shibboleth UI web application. All the standard Spring Boot property sources precedence rules apply here, but for our purposes we need to know that Shibboleth UI war deployed to external servlet container, embeds the set of default configuration properties on runtime classpath in `application.properties` file and then any standard property could be overridden by externalizing them in additional `application.properties` or `application.yml` files. So, back to our example, let's assume we use `/etc/shibboleth-ui/application.yml` file to run our Shibboleth UI application and connect to MariaDB RDBMS instead of a default embedded H2 database that is configured in `application.properties` embedded in shibui.war which would be deployed to external servlet container. The sample `/etc/shibboleth-ui/application.yml` containing properties to connect to MariaDB instance would look like this:</p><pre>shibui: <br/> default-password: "{noop}pass"<br/><br/>spring: <br/> datasource:<br/> platform: mysql<br/> driver-class-name: org.mariadb.jdbc.Driver<br/> url: jdbc:<a href="mariadb://localhost:3306/shibui" rel="nofollow">mariadb://localhost:3306/shibui</a><br/> username: shibui<br/> password: shibui<br/> jpa:<br/> properties:<br/> hibernate:<br/> dialect: org.hibernate.dialect.MariaDBDialect</pre><p>Then you would tell Spring Boot where to find externalized `application.yml`. That would be accomplished by passing `spring.config.additional-location` property. For Tomcat it could be accomplished in `$CATALINA_HOME/bin/setenv.sh` file like so:</p><p>`export JAVA_OPTS="$JAVA_OPTS -Dspring.config.additional-location=<a class="external-link" href="http://file/etc/shibboleth-ui/" rel="nofollow">file:/etc/shibboleth-ui/</a>"`</p><p>then deploy `shibui.war` to external Tomcat and then you could access application on `<a class="external-link" href="http://localhost:8080/" rel="nofollow">http://localhost:8080</a>` with `root/pass` username/password combination</p><p>So, now you could use externalized `/etc/shibboleth-ui/application.yml` file to override/configure any property available to Shibboleth UI web aplication independent of what is embedded in shibui.war deployed to external Tomcat container.</p><h3 id="DeploymentInstructions-ConfigureHTTPS">Configure HTTPS</h3><p>To deploy under HTTPS, if the external Tomcat is used, the standard configuration of Tomcat HTTP connector applies here. When deploying in the embedded Tomcat mode, in order to enable HTTPS, the following configuration properties (sample) should be used:</p><pre>server:<br/> ssl:<br/> key-store: /etc/shibui/keystore.p12<br/> key-store-password: password<br/> key-store-type: pkcs12<br/> key-alias: tomcat<br/> key-password: password<br/> port: 8443<br/><br/>Note that `keystore.p12` would contain a valid SSL certificate</pre><h1 id="DeploymentInstructions-auth.optsAuthenticationOptions"><span class="confluence-anchor-link" id="DeploymentInstructions-auth.opts"></span>Authentication Options</h1><p>One key decision that you will need to make is how to control authentication of users of the ShibUI. If you use the default user or a users file, note the following on defining passwords</p><p>Currently, the supported values for ENCRYPT_SCHEME are either:</p><ul><li>noop -- clear text password follows</li><li>bcrypt -- the following value has been encrypted with the $2a$ Bcrypt algorithm (limitation of the underlying Spring library currently incorporated is that only the<span> </span><a class="external-link" href="https://en.wikipedia.org/wiki/Bcrypt#Versioning_history" rel="nofollow">$2a$ Bcrypt algorithm<span> </span></a>is supported.)</li></ul><p>For more info on supported Spring Security's password storage formats, see: <a class="external-link" href="https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#pe-dpe-format" rel="nofollow">https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#pe-dpe-format</a></p><h2 id="DeploymentInstructions-Default-Single"root"user">Default - Single "root" user</h2><p><em>Simple, recommended only for secure environments (private networks available accessible via VPN or local access) with very limited user base (1-2 admin)</em></p><p>If you "do nothing", the ShibUI will set up a single "<strong>root</strong>" (that's the username) user, with a password it will generate the first time you run it. That password should be displayed in the console log as the UI starts up – but you probably really don't want to rely on that. If you are going to go with this option, you should set the password for that single "root" user in the configuration file.</p><p>application.properties:<span> </span><strong>shibui.default-password</strong><span> </span>= {ENCRYPT_SCHEME}password</p><h2 id="DeploymentInstructions-UsersDefinedviaFile">Users Defined via File</h2><p><em>Simple, recommended only for secure environments (private networks available accessible via VPN or local access) with limited user base (where users will not share a single login)</em></p><p>Obviously, you could start playing with the ShibUI, and even have multiple people use that same single root account. But likely just about any deployer is going to want to instead supply a "users file", and/or integrate your Shibboleth IdP as the authentication source.</p><p>Even if you are going to do the latter, you really need to "bootstrap" the Shibboleth IdP integration with at least a single user in that "users file". The reason for that is you need to establish at least one user who has the<span> </span><strong>ROLE_ADMIN</strong><span> </span>role.</p><p>The ShibUI application does support accepting the UI role for a user as an attribute from the Shibboleth IdP. If the IDP user information is not able to provide roles as listed above, you will need to configure a users file with at least one username (that will be passed from the IdP) listed with the ROLE_ADMIN role. You can configure the users file to have as many users as you want. The format of the users file is the following set of fields, separated by commas:</p><p><strong>username,{ENCRYPT_SCHEME}password,firstname,lastname,ROLE_VALUE,email</strong></p><div class="confluence-information-macro confluence-information-macro-information"><p class="title conf-macro-render">Example Users File</p><span class="aui-icon aui-icon-small aui-iconfont-info confluence-information-macro-icon"></span><div class="confluence-information-macro-body">dummy,{noop}password,first,last,ROLE_DUMMY,dummy@<a class="external-link" href="http://bill.com">bill.com</a><br/>admin,{noop}password,admin,admin,ROLE_ADMIN,admin@<a class="external-link" href="http://foo.com">foo.com</a><br/>user,{noop}password,some,user,ROLE_USER,user@<a class="external-link" href="http://foo.com">foo.com</a></div></div><p>The property name that is used to indicate users file is:</p><ul><li>shibui.user-bootstrap-resource = <a class="external-link" href="http://file/full/path/to/users/file.txt">file:/full/path/to/users/file.txt</a></li></ul><p>**(the name of the file does not matter)</p><p>Every time you restart the ShibUI, it will read in that file, and update the internal user database entries with any changes. Password is still a required field, but won't be used if your Shibboleth IdP is being used to authenticate your ShibUI users.</p><p>The property name that is used to indicate users file is:</p><ul><li>shibui.user-bootstrap-resource = <a class="external-link" href="http://file/full/path/to/users/file.txt">file:/full/path/to/users/file.txt</a></li></ul><p>**(the name of the file does not matter)</p><p>Every time you restart the ShibUI, it will read in that file, and update the internal user database entries with any changes. Password is still a required field, but won't be used if your Shibboleth IdP is being used to authenticate your ShibUI users.</p><h2 id="DeploymentInstructions-UsersAuthenticatedviaShibbolethIDP">Users Authenticated via Shibboleth IDP</h2><p><em>Recommended when a large volume of users needs to access the ShibUI or the application will be publicly accessible</em></p><p>Many deployers will presumably want to use their Shibboleth IdP for authentication. The ShibUI includes a Java-based SAML SP based on the Pac4j (<span> </span><a class="external-link" href="https://www.pac4j.org/" rel="nofollow">https://www.pac4j.org</a><span> </span>) library (SAML support built on top of the Shibboleth Consortium's OpenSAML software). This is pretty easy to configure, but it requires doing the following steps, before you start up the ShibUI.</p><ol><li>Configure, in a users file, at least one user that will match up with a Shibboleth IdP-supplied user identifier with ROLE_ADMIN (password is a required field in the file but is irrelevant/ignored in the user file)</li><li>Create a copy of the Shibboleth IdP's metadata, and place within the file system where the ShibUI can access</li><li>Configure the following settings in<span> </span><em>application.properties or application.yml</em>.</li></ol><p>Note: the settings for where Pac4j will store its SAML-related certificates (<span> </span><strong>shibui.pac4j.keystorePath</strong><span> </span>and related passwords) and SP metadata (<span> </span><strong>shibui.pac4j.serviceProviderMetadataPath</strong><span> </span>) will be the locations where you want Pac4j to store (it will self-generate files on first attempt to access.<span> </span><strong>These don't need to be existing files, it is easiest to let Pac4j do the generation for you.</strong>)</p><p><br/></p><p><br/></p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><colgroup><col/></colgroup><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><div class="content-wrapper"><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>application.properties config example</b></div><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence"># Enable Pac4j, should generate its own certs and metadata on first attempt to use
shibui.pac4j-enabled = true
shibui.pac4j.keystorePath = /full/path/to/ShibUI/samlKeystore.jks
shibui.pac4j.keystorePassword = whatever_you_want
shibui.pac4j.privateKeyPassword = whatever_you_want
shibui.pac4j.serviceProviderMetadataPath = /full/path/to/ShibUI/sp-metadata.xml
shibui.pac4j.serviceProviderEntityId = http(s)://entityID/url/for/ShibUI
# Path to file containing Shibboleth IdP metadata
shibui.pac4j.identityProviderMetadataPath = /full/path/to/ShibIdP/idp-metadata.xml
shibui.pac4j.forceServiceProviderMetadataGeneration = false
shibui.pac4j.callbackUrl = https://localhost:8443/callback ← Note this depends on the URL at which the ShibUI will be available
# Following is the max allowed age of AuthnInstant allowed
# in SAML response sent to Pac4j SP
shibui.pac4j.maximumAuthenticationLifetime = 36000
# SAML attribute mapping. Name of the attribute the IdP will
# supply that the UI should use to populate its internal user store.
# As long as it least one Shibboleth IdP username matches up with at least one
# in the supplied users file that has the Admin (ROLE_ADMIN) roel, that person
# can manage the role assignment of all other users thru the UI directly.
shibui.pac4j.simpleProfileMapping.username = urn:oid:0.9.2342.19200300.100.1.1
shibui.pac4j.simpleProfileMapping.firstname = urn:oid:2.5.4.42
shibui.pac4j.simpleProfileMapping.lastname = urn:oid:2.5.4.4
shibui.pac4j.simpleProfileMapping.email = urn:oid:0.9.2342.19200300.100.1.3</pre>
</div></div></div></td></tr></tbody></table></div><p><br/><br/></p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><colgroup><col/></colgroup><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><div class="content-wrapper"><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>application.yml config example</b></div><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence">shibui:
pac4j-enabled: true # Enable Pac4j, should generate its own certs and metadata on first attempt to use
pac4j:
keystorePath: /full/path/to/ShibUI/samlKeystore.jks
keystorePassword: whatever_you_want
privateKeyPassword: whatever_you_want
serviceProviderMetadataPath: /full/path/to/ShibUI/sp-metadata.xml
serviceProviderEntityId: http(s)://entityID/url/for/ShibUI
identityProviderMetadataPath: /full/path/to/ShibIdP/idp-metadata.xml
forceServiceProviderMetadataGeneration: false
callbackUrl: https://localhost:8443/callback
maximumAuthenticationLifetime: 3600000
simpleProfileMapping:
username: urn:oid:0.9.2342.19200300.100.1.1
firstname: urn:oid:2.5.4.42
lastname: urn:oid:2.5.4.4
email: urn:oid:0.9.2342.19200300.100.1.3</pre>
</div></div></div></td></tr></tbody></table></div><p><br/></p><p>Once you have those settings in place, then start up the ShibUI, and try to access the dashboard, you should be directed to the configured IdP for authentication. The IdP should present an error, because you have not yet configured it with metadata and attribute release for the ShibUI.</p><p>As the files you provided for SP keystore and metadata were "non-existent", Pac4j will generate those.<span> </span><strong>So now you will have a ShibUI SP metadata file (for ShibUI) that you can add to the IdP, and configure attribute release to the ShibUI entityID, matching up with the attribute mapping you configured above.</strong></p><p>Re-try to access the ShibUI dashboard again, and you should be "good to go".</p><p>The above process should work no matter what deployment model you choose. What will be different between the models is how the ShibUI interacts with the file system, and its expectations as to where various files will be found.</p><h1 id="DeploymentInstructions-ConfigurationProperties"><span>Configuration Properties</span></h1><h2 id="DeploymentInstructions-DatabaseConfigurationviaapplication.yaml"><span>Database Configuration via application.yaml</span></h2><p>This set of examples shows the basic configuration for each of the database types - please adjust server-names/addresses/ports/db-name/dbusers accordingly with your database. Defaults shown below</p><p>Support for MySQL, Postgres, MariaDB, and SQL Server are available</p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><colgroup><col/></colgroup><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><div class="content-wrapper"><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>database configuration</b></div><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence">spring:
profiles:
include:
datasource:
platform: mysql
driver-class-name: org.mariadb.jdbc.Driver
url: jdbc:mariadb://db:3306/shibui
username: shibui
password: shibui
jpa:
properties:
hibernate:
dialect: org.hibernate.dialect.MariaDB103Dialect
----------------------------------------------------------------
spring:
profiles:
include:
datasource:
platform: mysql
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://db:3306/shibui
username: shibui
password: shibui
jpa:
properties:
hibernate:
dialect: org.hibernate.dialect.MySQL8Dialect
----------------------------------------------------------------
spring:
profiles:
include:
datasource:
platform: postgres
driver-class-name: org.postgresql.Driver
url: jdbc:postgresql://db:5432/shibui
username: shibui
password: shibui
jpa:
properties:
hibernate:
dialect: org.hibernate.dialect.PostgreSQL95Dialect
----------------------------------------------------------------
spring:
profiles:
include:
datasource:
platform: sqlserver
driver-class-name: com.microsoft.sqlserver.jdbc.SQLServerDriver
url: jdbc:sqlserver://db:1433
username: shibui
password: shibui
jpa:
properties:
hibernate:
dialect: org.hibernate.dialect.SQLServerDialect</pre>
</div></div></div></td></tr></tbody></table></div><h2 id="DeploymentInstructions-app.propsapplication.propertiessettings"><span class="confluence-anchor-link" id="DeploymentInstructions-app.props"></span>application.properties settings</h2><p>This is a reflection of the default<span> </span><code>application.properties</code><span> </span>file included in the distribution. Note that lines beginning with<span> </span><code>#</code><span> </span>are commented out.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence"># Server Configuration
#server.port=8080
# Logging Configuration
#logging.config=classpath:log4j2.xml
#logging.level.org.springframework.security=INFO
logging.level.org.springframework=INFO
logging.level.edu.internet2.tier.shibboleth.admin.ui=INFO
spring.main.allow-bean-definition-overriding=true
# Database Credentials
spring.datasource.username=shibui
spring.datasource.password=shibui
# Database Configuration H2
spring.datasource.url=jdbc:h2:mem:shibui;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
spring.datasource.platform=h2
spring.datasource.driverClassName=org.h2.Driver
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
spring.h2.console.enabled=true
spring.h2.console.settings.web-allow-others=true
# spring.jackson.default-property-inclusion=non_absent
spring.jackson.default-property-inclusion=NON_NULL
spring.jackson.mapper.accept-case-insensitive-enums=true
# Database Configuration PostgreSQL
#spring.datasource.url=jdbc:postgresql://localhost:5432/shibui
#spring.datasource.driverClassName=org.postgresql.Driver
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
#Maria/MySQL DB
#spring.datasource.url=jdbc:mariadb://localhost:3306/shibui
#spring.datasource.driverClassName=org.mariadb.jdbc.Driver
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDBDialect
# Liquibase properties
spring.liquibase.enabled=false
# Hibernate properties
# for production never ever use create, create-drop. It's BEST to use validate
spring.jpa.hibernate.ddl-auto=update
spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
spring.jpa.show-sql=false
spring.jpa.properties.hibernate.format_sql=false
spring.jpa.properties.hibernate.check_nullability=true
spring.jpa.hibernate.use-new-id-generator-mappings=true
#Envers versioning
spring.jpa.properties.org.hibernate.envers.store_data_at_delete=true
#Needed in the latest versions of Spring Boot when doing manual transaction management like we do in envers versioning code
spring.jpa.properties.hibernate.current_session_context_class=org.springframework.orm.hibernate5.SpringSessionContext
# Set the following property to periodically write out the generated metadata files. There is no default value; the following is just an example
# shibui.metadata-dir=/opt/shibboleth-idp/metadata/generated
shibui.logout-url=/dashboard
# spring.profiles.active=default
## Default root user can be set in application.yml or here - setting in both places can be undeterministic
## Default password must be set for the default user to be configured and setup
#shibui.default-password={noop}somepassword
shibui.default-rootuser=root
shibui.metadata-sources-ui-schema-location=classpath:metadata-sources-ui-schema.json
shibui.entity-attributes-filters-ui-schema-location=classpath:entity-attributes-filters-ui-schema.json
shibui.nameid-filter-ui-schema-location=classpath:nameid-filter.schema.json
#Actuator endpoints (info)
# Un-comment to get full git details exposed like author, abbreviated SHA-1, commit message
#management.info.git.mode=full
###
# metadata-providers.xml write configuration
# Set the following property to periodically write out metadata providers configuration. There is no default value; the following is just an example
# The run rate is defined in milliseconds. You will need to configure your Shibboleth IDP to read the produced file
# shibui.metadataProviders.target=file:/opt/shibboleth-idp/conf/shibui-metadata-providers.xml
# shibui.metadataProviders.taskRunRate=30000
# Email configuration (local mailhog)
# spring.mail.host=mailhog
# spring.mail.port=1025
# spring.mail.username=username
# spring.mail.password=password
# spring.mail.properties.mail.smtp.auth=false
# spring.mail.properties.mail.smtp.starttls.enable=false
shibui.mail.text-email-template-path-prefix=/mail/text/
shibui.mail.html.email-template-path-prefix=/mail/html/
shibui.mail.system-email-address=doNotReply@shibui.org
#ShibUIConfiguration slurps in these values and they are bootstrapped in on startup
shibui.roles=ROLE_ADMIN,ROLE_ENABLE,ROLE_USER,ROLE_NONE
#Authenticated access roles - used by Spring Security to allow access when authenticated
shibui.roles.authenticated=ADMIN,ENABLE,USER
#In order to enable authentication via configured pac4j library (with external SAMl Idp, for example)
#This property must be set to true and pac4j properties configured. For sample pac4j properties, see application.yml
#for an example pac4j configuration
#shibui.pac4j-enabled=true
#This property must be set to true in order to enable posting stats to beacon endpoint. Furthermore, appropriate
#environment variables must be set for beacon publisher to be used (the ones that are set when running shib-ui in
#docker container
shibui.beacon-enabled=true</pre>
</div></div><p><br/></p><h2 id="DeploymentInstructions-AdditionalConfigurationviaYAMLProperties">Additional Configuration via YAML Properties</h2><p><span class="conf-macro output-inline">The following properties may be customized through an `application.yml` file. </span></p><h3 id="DeploymentInstructions-Attributes(forAttributeRelease)">Attributes (for Attribute Release)</h3><p>Example:</p><p><strong>Attribute Release</strong></p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><colgroup><col/></colgroup><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><p style="text-align: left;"><code class="yml variable" style="text-align: left;">custom:</code><br/><code class="yml spaces" style="text-align: left;"> </code><code class="yml variable" style="text-align: left;">attributes:</code><br/><code class="yml spaces" style="text-align: left;"> </code><code class="yml string bold" style="text-align: left;">-</code><span> </span><code class="yml plain" style="text-align: left;">name</code><code class="yml constants" style="text-align: left;">:</code><span> </span><code class="yml plain" style="text-align: left;">eduPersonPrincipalName</code><br/><code class="yml spaces" style="text-align: left;"> </code><code class="yml variable" style="text-align: left;">displayName:</code><span> </span><code class="yml plain" style="text-align: left;">label.attribute-eduPersonPrincipalName</code><br/><code class="yml spaces" style="text-align: left;"> </code><code class="yml string bold" style="text-align: left;">-</code><span> </span><code class="yml plain" style="text-align: left;">name</code><code class="yml constants" style="text-align: left;">:</code><span> </span><code class="yml plain" style="text-align: left;">uid</code><br/><code class="yml spaces" style="text-align: left;"> </code><code class="yml variable" style="text-align: left;">displayName:</code><span> </span><code class="yml plain" style="text-align: left;">label.attribute-uid</code></p></td></tr></tbody></table></div><p><strong>name</strong>: The name of the entry. used to uniquely identify this entry.</p><p><strong>displayName</strong>: This will normally be the label used when displaying this override in the UI. (set in messages.properties)</p><h4 id="DeploymentInstructions-Defaultsattributes"><u>Defaults attributes</u></h4><ul><li><strong>eduPersonPrincipalName</strong>: label.attribute-eduPersonPrincipalName</li><li><strong>uid</strong>: label.attribute-uid</li><li><strong>mail</strong>: label.attribute-mail</li><li><strong>surname</strong>: label.attribute-surname</li><li><strong>givenName</strong>: label.attribute-givenName</li><li><strong>eduPersonAffiliation</strong>: label.attribute-eduPersonAffiliation</li><li><strong>eduPersonScopedAffiliation</strong>: label.attribute-eduPersonScopedAffiliation</li><li><strong>eduPersonPrimaryAffiliation</strong>: label.attribute-eduPersonPrimaryAffiliation</li><li><strong>eduPersonEntitlement</strong>: label.attribute-eduPersonEntitlement</li><li><strong>eduPersonAssurance</strong>: label.attribute-eduPersonAssurance</li><li><strong>eduPersonUniqueId</strong>: label.attribute-eduPersonUniqueId</li><li><strong>employeeNumber</strong>: label.attribute-employeeNumber</li></ul><h3 id="DeploymentInstructions-RelyingPartyOverrides">Relying Party Overrides</h3><div class="confluence-information-macro confluence-information-macro-information"><span class="aui-icon aui-icon-small aui-iconfont-info confluence-information-macro-icon"></span><div class="confluence-information-macro-body"><p>Note: The <code>application.yml</code> file allows you to create Relying Party overrides that will be imported into the database configuration at startup. This can be used to bootstrap the database with a set of Relying Party overrides. Once the Shibb UI has imported these overrides, they will be managed through the user interface (as Custom Attributes) and any changes to them in the <code>application.yml</code> file will be ignored in favor of the configuration in the database. Adding overrides to the <code>application.yml</code> file is not recommended unless you have a large number of overrides to add all at once. </p></div></div><p>It is imperative when defining these that the "displayType" and "persistType" are known types. Typos or unsupported values here will result in that override being skipped! Supported types are as follows: boolean, integer, string, set, list. Note that "persistType" doesn't have to match "displayType". However, the only unmatching combination currently supported is a "displayType" of "boolean" and "persistType" of "string".</p><p>Example:<br/><strong>Relying Party Overrides</strong></p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><colgroup><col/></colgroup><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><div class="content-wrapper"><p style="text-align: left;"><br/></p><p style="text-align: left;"><br/></p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="syntaxhighlighter-pre" data-syntaxhighlighter-params="brush: java; gutter: false; theme: Confluence" data-theme="Confluence">custom:
overrides:
- name: signAssertion
displayName: label.sign-the-assertion
displayType: boolean
defaultValue: false
helpText: tooltip.sign-assertion
attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions
attributeFriendlyName: signAssertions
- name: dontSignResponse
displayName: label.dont-sign-the-response
displayType: boolean
defaultValue: false
helpText: tooltip.dont-sign-response
attributeName: http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses
attributeFriendlyName: signResponses
invert: true</pre>
</div></div><p style="text-align: left;"><br/></p><p style="text-align: left;"><br/></p></div></td></tr></tbody></table></div><p><strong>name:<span> </span></strong>The name of the entry. used to uniquely identify this entry.</p><p><strong>displayName</strong>: This will normally be the label used when displaying this override in the UI. (set in messages.properties)</p><p><strong>displayType:</strong> The type to use when displaying this option</p><p><strong>defaultValue(s)</strong>: One or more values to be displayed as default options in the UI</p><p><strong>helpText</strong>: This is the help-icon hover-over text</p><p><strong>attributeName</strong>: This is the name of the attribute to be used in the xml. This is assumed to be a URI.</p><p><strong>attributeFriendlyName</strong>: This is the friendly name associated with the above attributeName.</p><p><strong>invert</strong>: </p><p><strong>persistType</strong>: Optional. If it is necessary to persist something different than the override's display type, set that type here. For example, display a boolean, but persist a string.</p><p><strong>persistValue</strong>: Required only when persistType is used. Defines the value to be persisted.</p><h4 id="DeploymentInstructions-Defaultproperties"><u>Default properties</u></h4><ul><li><strong>signAssertion</strong><br/>displayName: label.sign-the-assertion<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.sign-assertion<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/saml2/sso/browser/signAssertions</a><br/>attributeFriendlyName: signAssertions</li><li><strong>dontSignResponse</strong><br/>displayName: label.dont-sign-the-response<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.dont-sign-response<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/saml2/sso/browser/signResponses</a><br/>attributeFriendlyName: signResponses<br/>invert: true</li><li><strong>turnOffEncryption</strong><br/>displayName: label.turn-off-encryption-of-response<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.turn-off-encryption<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/encryptAssertions" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/encryptAssertions</a><br/>attributeFriendlyName: encryptAssertions<br/>invert: true</li><li><strong>useSha</strong><br/>displayName: label.use-sha1-signing-algorithm<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.usa-sha-algorithm<br/>persistType: string<br/>persistValue: shibboleth.SecurityConfiguration.SHA1<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/securityConfiguration" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/securityConfiguration</a><br/>attributeFriendlyName: securityConfiguration</li><li> <strong>ignoreAuthenticationMethod</strong><br/>displayName: label.ignore-any-sp-requested-authentication-method<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.ignore-auth-method<br/>persistType: string<br/>persistValue: 0x1<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/disallowedFeatures" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/disallowedFeatures</a><br/>attributeFriendlyName: disallowedFeatures</li><li><strong>omitNotBefore</strong><br/>displayName: label.omit-not-before-condition<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.omit-not-before-condition<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/includeConditionsNotBefore" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/includeConditionsNotBefore</a><br/>attributeFriendlyName: includeConditionsNotBefore<br/>invert: true</li><li><strong>responderId</strong><br/>displayName: label.responder-id<br/>displayType: string<br/>defaultValue: null<br/>helpText: tooltip.responder-id<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/responderId" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/responderId</a><br/>attributeFriendlyName: responderId</li><li><strong>nameIdFormats</strong><br/>displayName: label.nameid-format-to-send<br/>displayType: set<br/>helpText: tooltip.nameid-format<br/>defaultValues:<br/>- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified<br/>- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<br/>- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent<br/>- urn:oasis:names:tc:SAML:2.0:nameid-format:transient<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/nameIDFormatPrecedence" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/nameIDFormatPrecedence</a><br/>attributeFriendlyName: nameIDFormatPrecedence</li><li><strong>authenticationMethods</strong><br/>displayName: label.authentication-methods-to-use<br/>displayType: set<br/>helpText: tooltip.authentication-methods-to-use<br/>defaultValues:<br/>-<span> </span><a class="external-link" href="https://refeds.org/profile/mfa" rel="nofollow" style="text-decoration: none;">https://refeds.org/profile/mfa</a><br/>- urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken<br/>- urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/defaultAuthenticationMethods" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/defaultAuthenticationMethods</a><br/>attributeFriendlyName: defaultAuthenticationMethods</li><li><strong>forceAuthn</strong><br/>displayName: label.force-authn<br/>displayType: boolean<br/>defaultValue: false<br/>helpText: tooltip.force-authn<br/>attributeName:<span> </span><a class="external-link" href="http://shibboleth.net/ns/profiles/forceAuthn" rel="nofollow" style="text-decoration: none;">http://shibboleth.net/ns/profiles/forceAuthn</a><br/>attributeFriendlyName: forceAuthn</li></ul><h1 id="DeploymentInstructions-StepstointegrateaSAML2basedIdPwithShibUI">Steps to integrate a SAML2 based IdP with ShibUI</h1><p>Note: be sure to read through the Authentication options above, they provide some details that apply regardless of the deployment option you have chosen.</p><h2 id="DeploymentInstructions-UsingTestbedEnvironment:">Using Testbed Environment:</h2><p>We will be using the Docker Testbed environment for this working demo. The Testbed is included in the source project. Please make sure you have already deployed the Testbed environment and<br/>verified it is working:</p><ul><li>Verify can log into ShibUI via<span> </span><a class="external-link" href="http://localhost:8080/" rel="nofollow">http://localhost:8080</a></li><li>Verify Shibboleth is running by accessing metadata page for Shibboleth instance<span> </span><a class="external-link" href="https://localhost/idp/shibboleth" rel="nofollow">https://localhost:443/idp/shibboleth</a><br/>We will be needing this metadata info later, so feel free to save to a file now. <pre>curl -k <a class="external-link" href="https://localhost/idp/shibboleth" rel="nofollow">https://localhost:443/idp/shibboleth</a> --output <ShibUI Root>/test-compose/shibui/conf/idp_metadata.xml</pre></li></ul><p>You will need to stop the Docker containers before continuing in the next section:</p><pre>docker-compose down</pre><h2 id="DeploymentInstructions-ShibUISetup">ShibUI Setup</h2><p>We will be using the Pac4j's library for SAML2 support in ShibUI. This will be easy to implement since ShibUI uses a pluggable architecture.</p><p>To enable Pac4j, open and update the following files:</p><ul><li><em>test-compose/shibui/conf/applications.properties:</em><pre>shibui.pac4j-enabled=true</pre></li><li><em>test-compose/shibui/conf/applications.yml:</em><br/>* Under ShibUI section add:<pre> pac4j-enabled: true<br/> pac4j:<br/> keystorePath: "/etc/opt/samlKeystore.jks"<br/> keystorePassword: "changeit"<br/> privateKeyPassword: "changeit"<br/> serviceProviderEntityId: "<a class="external-link" href="https://idp.example.com/shibui" rel="nofollow">https://idp.example.com/shibui</a>"<br/> serviceProviderMetadataPath: "/etc/opt/sp-metadata.xml"<br/> identityProviderMetadataPath: "/etc/opt/idp-metadata.xml"<br/> forceServiceProviderMetadataGeneration: false<br/> callbackUrl: "<a class="external-link" href="https://localhost:8443/callback" rel="nofollow">https://localhost:8443/callback</a>"<br/> maximumAuthenticationLifetime: 3600000<br/> simpleProfileMapping:<br/> username: urn:oid:0.9.2342.19200300.100.1.1<br/> firstname: urn:oid:2.5.4.42<br/> lastname: urn:oid:2.5.4.4<br/> email: urn:oid:0.9.2342.19200300.100.1.3</pre><pre><br/></pre><ul><li>Key fields:<ul><li><strong>keystorePath</strong>: URL to an existing or newly created keystore. Create or move keystore to <em>test-compose/shibui/conf/.</em><br/>Create command:<br/><em>keytool -genkeypair -alias pac4j -keypass changeit -keystore samlKeystore.jks -storepass changeit -keyalg RSA -keysize 2048 -validity 3650</em></li><li><strong>serviceProviderEntityId</strong>: Entity ID of ShibUI</li><li><strong>serviceProviderMetadataPath</strong>: Location of where you want SP metadata file to be created</li><li><strong>identityProviderMetadataPath</strong>: Location of saved Shibb IdP metadata file (saved earlier when verifying Testbed environment)</li><li><strong>simpleProfileMapping</strong>: Attributes needed by ShibUI to work with SAML2 IdP</li></ul></li></ul></li></ul><p>Make sure the keystore file, idp metadata file, and both application files are moved to the ShibUI container when started:</p><ul><li>test-compose/docker-compose.yml:<br/>under shibui: volumes:<br/><pre>- ./shibui/conf/application.yml:/opt/shibui/application.yml<br/>- ./shibui/conf/samlKeystore.jks:/opt/shibui/samlKeystore.jks<br/>- ./shibui/conf/application.properties:/opt/shibui/application.properties<br/>- ./shibui/conf/idp-metadata.xml:/opt/shibui/idp-metadata.xml</pre></li></ul><p>Now run Docker:</p><pre>docker-compose up</pre><p>When the Docker containers are running, you will need to log into the ShibUI container and copy the newly created sp-metadata.xml file to a new <em>test-compose/idp/container-files/services/sp-metadata.xml</em><span> </span>file. </p><p>Once this is complete, add the following to the<span> </span><em>test-compose/idp/Dockerfile</em>:</p><pre><span style="color: rgb(204,120,50);">COPY </span>container-files<span style="color: rgb(204,120,50);">/</span>services<span style="color: rgb(204,120,50);">/</span>sp-metadata.xml <span style="color: rgb(204,120,50);">/</span>opt<span style="color: rgb(204,120,50);">/</span>shibboleth-idp<span style="color: rgb(204,120,50);">/</span>metadata<span style="color: rgb(204,120,50);">/</span>sp-metadata.xml</pre><h2 id="DeploymentInstructions-ShibbolethIdPSetup">Shibboleth IdP Setup</h2><p>At this point you will need to add the ShibUI application as a new SP to Shibboleth IdP. The files you will need to update are located at<span> </span><em>test-compose/idp/container-files/conf/. <span> </span></em>It is assumed that you understand adding a new SP to your Shibboleth IDP</p><h1 id="DeploymentInstructions-SuggestedSetupNote">Suggested Setup Note</h1><p>The following suggested setup will allow you to configure the generation of configuration from the ShibUI to be ingested for use in your Shibboleth IDP with the minimal amount of effort.</p><ol><li>In your application properties, configure:<span> </span><strong>shibui.metadataProviders.target</strong><span> </span>- this should be the full path, including filename, of the XML output ShibUI will generate for metadata providers (the location must be writable by the ShibUi application and readable by the Shibboleth IdP , but not a temp directory that will get deleted/cleaned by the host system processes. eg -<span> </span><strong><a class="external-link" href="http://file/opt/shibboleth/config/dynamic_config/metadata-providers.xml">file:/opt/shibboleth/config/dynamic_config/metadata-providers.xml</a></strong></li><li>In your application properties, configure:<span> </span><strong>shibui.metadata-dir</strong><span> </span>- this should be the full path of the directory to create metadata source files. Again, the location should be writeable by the ShibUI and readable by the IDP. eg -<span> </span><strong>/opt/shibboleth/config/dynamic_metadata</strong></li><li>In your Shibboleth configuration's services.xml file, update the block for shibboleth.MetadataResolverResources to include the shibui.metadataProviders.target location </li></ol><p><br/><br/><strong>example</strong></p><div class="table-wrap"><table class="wrapped confluenceTable" style="text-align: left;"><colgroup><col/></colgroup><tbody style="text-align: left;"><tr style="text-align: left;"><td style="text-align: left;" class="confluenceTd"><p style="text-align: left;"><code class="xml plain" style="text-align: left;"><</code><code class="xml keyword" style="text-align: left;">util:list</code><span> </span><code class="xml color1" style="text-align: left;">id</code><code class="xml plain" style="text-align: left;">=</code><code class="xml string" style="text-align: left;">"shibboleth.MetadataResolverResources"</code><code class="xml plain" style="text-align: left;">></code><br/><code class="xml spaces" style="text-align: left;"> </code><code class="xml plain" style="text-align: left;"><</code><code class="xml keyword" style="text-align: left;">value</code><code class="xml plain" style="text-align: left;">>%{idp.home}/conf/metadata-providers.xml</</code><code class="xml keyword" style="text-align: left;">value</code><code class="xml plain" style="text-align: left;">></code><br/><code class="xml spaces" style="text-align: left;"> </code><code class="xml plain" style="text-align: left;"><</code><code class="xml keyword" style="text-align: left;">value</code><code class="xml plain" style="text-align: left;">>%{idp.home}/system/conf/metadata-providers-system.xml</</code><code class="xml keyword" style="text-align: left;">value</code><code class="xml plain" style="text-align: left;">></code><br/><code class="xml spaces" style="text-align: left;"> </code><code class="xml plain" style="text-align: left;"><</code><code class="xml keyword" style="text-align: left;">value</code><code class="xml plain" style="text-align: left;">>${idp.home}/conf/dynamic_config/metadata-providers.xml</</code><code class="xml keyword" style="text-align: left;">value</code><code class="xml plain" style="text-align: left;">><span> </span></code><code class="xml comments" style="text-align: left;"><!-- match the shibui.metadataProviders.target value --></code><br/><code class="xml plain" style="text-align: left;"></</code><code class="xml keyword" style="text-align: left;">util:list</code><code class="xml plain" style="text-align: left;">></code></p></td></tr></tbody></table></div><p>Shibboleth will require a restart to pick up the change.</p><p>Once ShibUI is up and running, login as an admin user and create a new Metadata Provider (type:<span> </span><strong>LocalDynamicMetadataResolver</strong>). Use the shibui.metadata-dir location from step 2 above as the directory location. </p><p>The dynamic provider will provide Shibboleth with the location of any SP configured using the ShibUI. </p><p>*NOTE: you can use the testbed/integration setup in the project source code to test how this integration works and to see an example of the full end-to-end workings of the ShibUi and Shibboleth IDP</p><h1 id="DeploymentInstructions-UserMaintenance">User Maintenance</h1><h1 id="DeploymentInstructions-TAPBeaconinstrumentation">TAP Beacon instrumentation</h1><p>Shibboleth Idp UI software includes piece of instrumentation functionality which sends a small batch of statistical data about the environment in which application is deployed such as Docker image name, version, application name, etc. to a running "Beacon collector" facility which is exposed as a REST HTTP endpoint, as defined here: <a class="external-link" href="https://spaces.at.internet2.edu/display/TWGH/TIER+Instrumentation+-+The+TIER+Beacon" rel="nofollow">https://spaces.at.internet2.edu/display/TWGH/TIER+Instrumentation+-+The+TIER+Beacon</a> In the specification page it is described to be implemented as a external cron job running inside Docker container, which is true for other TAP docker images instrumented with Beacon, but Shibboleth Idp UI application has this functionality implemented as an optional Java module. It is an opt-in type of functionality which is off by default but could be turned on with the following application property:</p><p><strong>shibui.beacon-enabled=true</strong><br/><br/>Once it is turned on it will assynchronoiusly send beacon data which it will gather from necessary environment variables (which will be set by TAP Docker image for shibboleth idp ui application), but if running outside of TAP Docker container and those environment variables are not set, even though the beacon module is enabled, the data will not be sent. Below is the example of necessary environment variables that need to be set in order for Beacon module to kick in if running outside of TAP Docker container:<br/><br/><strong>LOGHOST="<a class="external-link" href="https://collector.testbed.tier.internet2.edu/" rel="nofollow">https://collector.testbed.tier.internet2.edu</a>"</strong><br/><strong>LOGPORT="5001"</strong><br/><strong>IMAGE="shibui_local_no_image"</strong><br/><strong>MAINTAINER="local_no_maintainer"</strong><br/><strong>VERSION="1.11.0-SNAPSHOT"</strong><br/><strong>TIERVERSION="191010"</strong></p><p><br/><br/><a class="external-link" href="https://confluence.unicon.net/confluence/display/ProServ/Shibboleth+IdP+UI+Deployment+Instructions" style="text-decoration: none;"><span class="like-button-text">Like</span></a> <span style="text-align: right;letter-spacing: 0.0px;">No labels</span></p><ul class="label-list label-list-right has-pen" style="text-align: right;"><li class="labels-edit-container"><a class="external-link" href="https://confluence.unicon.net/confluence/display/ProServ/Shibboleth+IdP+UI+Deployment+Instructions" style="text-decoration: none;" title="Edit Labels (Type 'l')"><span class="aui-icon aui-icon-small aui-iconfont-devtools-tag-small" style="color: rgb(80,95,121);">Edit Labels</span></a></li></ul><p><br/></p><p class="comment-user-logo"><a class="external-link" href="https://confluence.unicon.net/confluence/users/profile/editmyprofilepicture.action" style="text-decoration: none;" title=""><span class="confluence-embedded-file-wrapper"><img class="confluence-embedded-image userLogo logo defaultLogo confluence-external-resource" draggable="false" src="https://confluence.unicon.net/confluence/s/pipxsy/8505/f5e71ce5e7eab96b69c873705d53960b71f86fff/_/images/icons/profilepics/add_profile_pic.svg" data-image-src="https://confluence.unicon.net/confluence/s/pipxsy/8505/f5e71ce5e7eab96b69c873705d53960b71f86fff/_/images/icons/profilepics/add_profile_pic.svg"></span></a></p><p><span>Write a comment...</span></p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/display/SMMU/Deployment+Instructions">View Online</a>
·
<a href="https://spaces.at.internet2.edu/pages/diffpagesbyversion.action?pageId=172263803&revisedVersion=12&originalVersion=11">View Changes Online</a>
</div>
</div>sean.porth@at.internet2.edu2020-09-10T17:08:42ZSAML Metadata Configuration Managervicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:page-294191359-12024-03-21T15:35:51Z2024-03-21T15:30:53Z<div class="feed"> <p>
Page
<b>added</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p><strong>UPDATE IN PROGRESS. DO NOT USE JUST YET.</strong></p><p><style type='text/css'>/*<![CDATA[*/
div.rbtoc1711638418979 {padding: 0px;}
div.rbtoc1711638418979 ul {margin-left: 0px;}
div.rbtoc1711638418979 li {margin-left: 0px;padding-left: 0px;}
/*]]>*/</style><div class='toc-macro rbtoc1711638418979'>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-Overview'>Overview</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-KeyFeaturesofIdPUI'>Key Features of IdP UI</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-Dashboard'>Dashboard</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-MetadataSourceDashboard'>Metadata Source Dashboard</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-MetadataSourceSearch'>Metadata Source Search</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EnableMetadataSource'>Enable Metadata Source</a></li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataSourceGroupAssociation'>Metadata Source Group Association</a></li>
<li><a href='#SAMLMetadataConfigurationManager-'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeleteMetadataSource'>Delete Metadata Source</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataProviderDashboard'>Metadata Provider Dashboard</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-.1'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataProviderSearch'>Metadata Provider Search</a></li>
<li><a href='#SAMLMetadataConfigurationManager-ReorderMetadataProviders'>Reorder Metadata Providers</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.2'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-EnableMetadataProvider'>Enable Metadata Provider</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-DynamicRegistrationDashboard'>Dynamic Registration Dashboard</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-DynamicRegistrationSearch'>Dynamic Registration Search</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.3'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-EnableDynamicRegistration'>Enable Dynamic Registration</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DynamicRegistrationGroupAssociation'>Dynamic Registration Group Association</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeleteDynamicRegistration'>Delete Dynamic Registration</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-AdminDashboard'>Admin Dashboard</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-.4'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-AssigningaDifferentRoletoaUser'>Assigning a Different Role to a User</a></li>
<li><a href='#SAMLMetadataConfigurationManager-Assigninguserstoagroup'>Assigning users to a group</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeleteauserfromShibbolethIdPUI'>Delete a user from Shibboleth IdP UI</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-.5'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-ActionRequiredDashboard'>Action Required Dashboard</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-EnableMetadataSources'>Enable Metadata Sources</a></li>
<li><a href='#SAMLMetadataConfigurationManager-ApproveMetadataSources'>Approve Metadata Sources</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EnableDynamicRegistrations'>Enable Dynamic Registrations</a></li>
<li><a href='#SAMLMetadataConfigurationManager-ApproveDynamicRegistrations'>Approve Dynamic Registrations</a></li>
<li><a href='#SAMLMetadataConfigurationManager-UserAccessRequest'>User Access Request</a></li>
</ul>
</li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-AddNew'>Add New</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-AddMetadataSource'>Add Metadata Source</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CreatemetadatasourceusingSecurityAssertionMarkupLanguageprotocol'>Create metadata source using Security Assertion Markup Language protocol</a></li>
<li><a href='#SAMLMetadataConfigurationManager-CreatemetadatasourceusingOpenIDConnectprotocol'>Create metadata source using OpenID Connect protocol</a></li>
<li><a href='#SAMLMetadataConfigurationManager-Uploadametadatasource'>Upload a metadata source</a></li>
<li><a href='#SAMLMetadataConfigurationManager-CreatemetadatasourcefromaURL'>Create metadata source from a URL</a></li>
<li><a href='#SAMLMetadataConfigurationManager-Copyametadatasource'>Copy a metadata source</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-AddNewMetadataProviders'>Add New Metadata Providers</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CreateaFileBackedHTTPMetadataProvider'>Create a File Backed HTTP Metadata Provider</a></li>
<li><a href='#SAMLMetadataConfigurationManager-CreateaFileSystemMetadataProvider'>Create a File System Metadata Provider</a></li>
<li><a href='#SAMLMetadataConfigurationManager-CreateaLocalDynamicMetadataProvider'>Create a Local Dynamic Metadata Provider</a></li>
<li><a href='#SAMLMetadataConfigurationManager-CreateaDynamicHTTPMetadataProvider'>Create a Dynamic HTTP Metadata Provider</a></li>
<li><a href='#SAMLMetadataConfigurationManager-CreateaExternalMetadataResolver'>Create a External Metadata Resolver</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-AddDynamicRegistration'>Add Dynamic Registration</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CreateaDynamicRegistration'>Create a Dynamic Registration</a></li>
</ul>
</li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-Configurations'>Configurations</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-MetadataSourceConfiguration'>Metadata Source Configuration</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-AssigntheMetadataSourcetoaGroup'>Assign the Metadata Source to a Group</a></li>
<li><a href='#SAMLMetadataConfigurationManager-Enable/DisableMetadataSource'>Enable/Disable Metadata Source</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeletingaMetadataSource'>Deleting a Metadata Source</a></li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataSourceVersionHistory'>Metadata Source Version History</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CompareVersions'>Compare Versions</a></li>
<li><a href='#SAMLMetadataConfigurationManager-FullDataDisplay'>Full Data Display</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.6'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-ChangesOnlyDisplay'>Changes Only Display</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.7'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-RestoreVersion'>Restore Version</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataSourceXML'>Metadata Source XML</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EditMetadataSource'>Edit Metadata Source</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataProviderConfiguration'>Metadata Provider Configuration</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-MetadataProviderVersionHistory'>Metadata Provider Version History</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CompareVersions.1'>Compare Versions</a></li>
<li><a href='#SAMLMetadataConfigurationManager-FullDataDisplay.1'>Full Data Display</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.8'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-ChangesOnlyDisplay.1'>Changes Only Display</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.9'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-RestoreVersion.1'>Restore Version</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-MetadateProviderFilters'>Metadate Provider Filters</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-AddFilterwithSearchType:EntityID'>Add Filter with Search Type: Entity ID</a></li>
<li><a href='#SAMLMetadataConfigurationManager-AddFilterwithSearchType:Regex'>Add Filter with Search Type: Regex</a></li>
<li><a href='#SAMLMetadataConfigurationManager-AddFilterwithSearchType:Script'>Add Filter with Search Type: Script</a></li>
<li><a href='#SAMLMetadataConfigurationManager-ReorderFilters'>Reorder Filters</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EnableFilters'>Enable Filters</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EditFilters'>Edit Filters</a></li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataFilterComparisonselection'>Metadata Filter Comparison selection</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.10'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeleteFilters'>Delete Filters</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-MetadataProviderXML'>Metadata Provider XML</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EditMetadataProvider'>Edit Metadata Provider</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-.11'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-DynamicRegistrationConfiguration'>Dynamic Registration Configuration</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-AssigntheDynamicRegistrationtoaGroup'>Assign the Dynamic Registration to a Group</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EnableaDynamicRegistrationfromtheConfigurationscreen'>Enable a Dynamic Registration from the Configuration screen</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeletingaDynamicRegistrationfromtheConfigurationscreen'>Deleting a Dynamic Registration from the Configuration screen</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EditaDynamicRegistration'>Edit a Dynamic Registration</a></li>
</ul>
</li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-AdvancedFeatures'>Advanced Features</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CustomEntityAttributes'>Custom Entity Attributes</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-Addnewcustomentityattribute'>Add new custom entity attribute</a></li>
<li><a href='#SAMLMetadataConfigurationManager-Editacustomentityattribute'>Edit a custom entity attribute</a></li>
<li><a href='#SAMLMetadataConfigurationManager-Deleteacustomentityattribute'>Delete a custom entity attribute</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-Attributesbundles'>Attributes bundles</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CreateanAttributeBundle'>Create an Attribute Bundle</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-Groups'>Groups</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-Creatingagroup'>Creating a group</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-Roles'>Roles</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CreatingaRole'>Creating a Role</a></li>
<li><a href='#SAMLMetadataConfigurationManager-.12'></a></li>
<li><a href='#SAMLMetadataConfigurationManager-EditaRole'>Edit a Role</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeleteaRole'>Delete a Role</a></li>
</ul>
</li>
<li><a href='#SAMLMetadataConfigurationManager-ConfigurationSets'>Configuration Sets</a>
<ul class='toc-indentation'>
<li><a href='#SAMLMetadataConfigurationManager-CreateConfigurationSets'>Create Configuration Sets</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DownloadConfigurationSetFiles'>Download Configuration Set Files</a></li>
<li><a href='#SAMLMetadataConfigurationManager-EditShibbolethConfigurations'>Edit Shibboleth Configurations</a></li>
<li><a href='#SAMLMetadataConfigurationManager-DeleteShibbolethConfigurations'>Delete Shibboleth Configurations</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</div></p><p><br/></p><h1 id="SAMLMetadataConfigurationManager-Overview">Overview</h1><p style="text-align: left;">The Shibboleth IdP UI is an easy-to-use management dashboard to work with the latest releases of the Shibboleth IdP. The new Shibboleth IdP UI dashboard allows users to create and update new<span style="color: rgb(0,0,0);"> service providers t</span>o be integrated with IdPs using a friendly graphical user interface. IdP operators can come up to speed and integrate services quickly with minimal training and provides you with an opportunity to delegate IdP management more broadly throughout your organization.</p><h2 style="text-align: left;" id="SAMLMetadataConfigurationManager-KeyFeaturesofIdPUI">Key Features of IdP UI</h2><p style="text-align: left;"><strong>Setup Wizard</strong></p><p style="text-align: left;">The Shibboleth IdP UI provides a wizard for adding or modifying creating service providers, metadata providers, and filters, which gives IdP staff and administrators the flexibility to modify existing IdPs. IdP staff will no longer need to understand the intricacies of multiple complex XML files and edit them just to integrate one new service.</p><p style="text-align: left;"><strong>Administrative Management</strong></p><p style="text-align: left;">You can accomplish a significant portion of the IdP’s administrative management through Shibboleth IdPUI’s intuitive user interface, including post-installation modifications to Shibboleth IdP.</p><p style="text-align: left;"><strong>Integration Management</strong></p><p style="text-align: left;">The Shibboleth IdP UI’s easy-to-understand dashboard and wizard provide the capability to integrate new <span style="color: rgb(0,0,0);">service providers</span> into the IdP, including managing the initial metadata setup and specifying special settings such as SP authentication overrides and attributes to be released.</p><p style="text-align: left;"><strong>Consistency with Shibboleth IdP Modifications </strong></p><p style="text-align: left;">The most common and complex task IdP administrators need to deal with is the metadata and filter information that represent custom configurations of their IdP. Shibboleth IdP UI makes this easy, allowing staff to execute a onetime setup for the modification of selected IdP(s). This helps reduce the long-term maintenance and reduces operational costs.</p><p style="text-align: left;"><strong>Integrated Help</strong></p><p style="text-align: left;">The Shibboleth IdP UI dashboard and wizard guide users to choose the right options by providing helpful information and tooltips throughout the setup process.</p><p style="text-align: left;"><strong>Security and Privacy Control</strong></p><p style="text-align: left;">The Shibboleth IdP UI allows for the configuration of security policies for <span style="color: rgb(0,0,0);">service providers</span> such as encryption, signing and multi-factor configuration.</p><h1 id="SAMLMetadataConfigurationManager-Dashboard"><span style="color: rgb(255,0,0);"><span style="color: rgb(0,51,102);">Dashboard</span></span></h1><p><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">The Shibboleth IdP UI has five dashboard functions:</span> </span></p><ul><li><a href="#ShibbolethIdPUIUserGuide-MetadataSourceDashboard">Metadata Source</a> </li><li><a href="#ShibbolethIdPUIUserGuide-MetadataProviderDashboard">Metadata Provider</a></li><li><a href="#ShibbolethIdPUIUserGuide-DynamicRegistrationDashboard">Dynamic Registration</a></li><li><a href="#ShibbolethIdPUIUserGuide-AdminDashboard">Admin</a></li><li><a href="#ShibbolethIdPUIUserGuide-ActionRequiredDashboard">Action Required</a></li></ul><p><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">A Shibboleth IdP UI Administrator (Administrator) has the ability to view all of these.</span></span></p><p><br/></p><p>Non-Administrator (ROLE_USER and ROLE_ENABLE) only have access to <strong>Metadata Source</strong> and<strong> Dynamic Registration </strong>dashboards. These users can only view sources and registration associated with their group.</p><p>Users belonging to groups that approve metadata sources and dynamic registrations created by other groups will have the <strong>Actions Required</strong> tab, but only have access to <strong>Approve Metadata Source</strong> and <strong>Approve Dynamic Registrations</strong> and only the sources and registrations created by the approvee's groups will be displayed.</p><h2 id="SAMLMetadataConfigurationManager-MetadataSourceDashboard">Metadata Source Dashboard</h2><p><span style="color: rgb(23,43,77);">Metadata sources in <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Shibboleth IdP</span></span> UI are individual metadata artifacts describing single entities, typically relying parties. </span>The Metadata Source Dashboard displays the metadata sources that have been created using the Shibboleth IdP UI application and with the following information:</p><ul><li>Title of metadata source</li><li>Entity ID</li><li>Authentication Protocol</li><li>Author</li><li>Creation Date</li><li>Approval status</li><li>Enabled status</li><li>Group association</li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-MetadataSourceSearch">Search for a specific metadata source</a></span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access a metadata source configurations </span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-EnableMetadataSource">Enable or disable a metadata source</a></span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-MetadataSourceGroupAssociation">Assign the metadata source to a group</a></span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-DeleteMetadataSource">Delete a metadata source</a></span></span></li></ul><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_8-44-46.png?version=1&modificationDate=1711035067205&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_8-44-46.png?version=1&modificationDate=1711035067205&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191676" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_8-44-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><h3 id="SAMLMetadataConfigurationManager-MetadataSourceSearch"><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Metadata Source Search</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Users</span></span> can search for metadata sources by their title, entity ID, authentication code, or author. To perform a search:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or user with <em>ROLE_USER</em> or user with <em>ROLE_ENABLE</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Sources </strong>tab.</li><li>Click in the <strong>Search Files</strong> field and start typing your search term.</li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-41-21.png?version=1&modificationDate=1711035066876&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-41-21.png?version=1&modificationDate=1711035066876&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191664" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-41-21.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>N</strong><strong>OTE:</strong> As you start typing in the search field, the list will reduce to show only those metadata sources that match what you have typed.</p><h3 id="SAMLMetadataConfigurationManager-EnableMetadataSource"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Enable Metadata Source</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Administrators and users with ROLE_ENABLE can enable/disable metadata source. If the metadata source is added by a User, a request will be sent to enable the source. To enable a source from the Metadata Source<strong> </strong>Dashboard: </span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or user with <em>ROLE_ENABLE</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Sources </strong>tab.</li><li>Toggle the <strong>Enabled</strong> switch ON. </li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-42-24.png?version=1&modificationDate=1711035066852&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-42-24.png?version=1&modificationDate=1711035066852&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191663" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-42-24.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>NOTE:</strong> You can also disable the metadata source by toggling the <strong>Enable</strong> switch to OFF.</p><h3 id="SAMLMetadataConfigurationManager-MetadataSourceGroupAssociation"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Metadata Source Group Association</span></span></h3><p><span style="color: rgb(0,0,0);">Administrators can edit a metadata source's group association. </span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To change a source's group association from the Metadata Source<strong> </strong>Dashboard: </span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator.</em></span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Sources </strong>tab.</li><li>Click in the <strong>Group</strong> dropdown menu for the corresponding source and select the new group.</li></ol><h3 id="SAMLMetadataConfigurationManager-"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-43-46.png?version=1&modificationDate=1711035066830&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-43-46.png?version=1&modificationDate=1711035066830&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191662" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-43-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h3><h3 id="SAMLMetadataConfigurationManager-DeleteMetadataSource">Delete Metadata Source</h3><p>Administrators can delete metadata sources that are currently disabled. To delete a source from the Metadata Source<strong> </strong>Dashboard: </p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Sources </strong>tab.</li><li>Click <strong>delete</strong> icon for the corresponding source.</li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.</li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-44-49.png?version=1&modificationDate=1711035066808&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-44-49.png?version=1&modificationDate=1711035066808&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191661" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-44-49.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>NOTE:</strong> Once a metadata source has been enabled, it cannot be deleted. You will need to disable the source prior to deleting it.</p><h2 id="SAMLMetadataConfigurationManager-MetadataProviderDashboard">Metadata Provider Dashboard</h2><p><span style="color: rgb(23,43,77);">The application can generate a<span> </span></span><code>metadata-providers.xml</code><span style="color: rgb(23,43,77);"><span> </span>configuration appropriate for use in the Shibboleth IdP. </span>The Metadata Provider Dashboard displays the metadata provider that have been created using the Shibboleth IdP UI application and with the following information:</p><ul><li>Order</li><li>Title of metadata provider</li><li>Provider Type</li><li>Author</li><li>Creation Date</li><li>Enabled Status</li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-MetadataProviderSearch">Search for a specific metadata provider</a></span></li><li><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-ReorderMetadataProviders">Reorder metadata provider list</a></span></li><li><span style="color: rgb(0,0,0);">Access a metadata provider configuration </span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-EnableMetadataProvider">Enable or disable a metadata provider</a></span></span></li></ul><h3 id="SAMLMetadataConfigurationManager-.1"><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-47-27.png?version=1&modificationDate=1711035066763&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-47-27.png?version=1&modificationDate=1711035066763&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191659" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-47-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></h3><h3 id="SAMLMetadataConfigurationManager-MetadataProviderSearch"><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Metadata Provider Search</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Administrators</span></span> can search for metadata providers by their title, provider type, or author. To perform a search:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Providers </strong>tab.</li><li>Click in the <strong>Search Files</strong> field and start typing your search term.</li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-48-29.png?version=1&modificationDate=1711035066741&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-48-29.png?version=1&modificationDate=1711035066741&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191658" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-48-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>NOTE:</strong> As you start typing in the search field, the list will reduce to show only those metadata providers that match what you have typed.</p><h3 id="SAMLMetadataConfigurationManager-ReorderMetadataProviders"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Reorder Metadata Providers</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Administrators</span></span> can reorder the metadata providers list by following the steps below:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Providers </strong>tab.</li><li>Click either the UP or DOWN arrow to move a corresponding metadata provider.</li></ol><h3 id="SAMLMetadataConfigurationManager-.2"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-50-26.png?version=1&modificationDate=1711035066719&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-50-26.png?version=1&modificationDate=1711035066719&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191657" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-50-26.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></h3><h3 id="SAMLMetadataConfigurationManager-EnableMetadataProvider"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Enable Metadata Provider</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Administrators can enable/disable metadata source. To enable a provider from the Metadata Provider<strong> </strong>Dashboard: </span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Metadata Providers </strong>tab.</li><li>Toggle the <strong>Enabled</strong> switch ON. </li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-51-29.png?version=1&modificationDate=1711035066697&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-3-14_9-51-29.png?version=1&modificationDate=1711035066697&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191656" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-3-14_9-51-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>NOTE:</strong> You can also disable the metadata provider by toggling the <strong>Enable</strong> switch to OFF.</p><h2 id="SAMLMetadataConfigurationManager-DynamicRegistrationDashboard">Dynamic Registration Dashboard</h2><p>The Dynamic Registration Dashboard displays the registrations that have been created using the Shibboleth IdP UI application and with the following information:</p><ul><li>Title of dynamic registration</li><li>Author</li><li>Creation Date</li><li>Approval status</li><li>Enabled Status</li><li>Group association </li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-DynamicRegistrationSearch">Search for a specific dynamic registration</a></span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access a dynamic registration configuration </span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-EnableDynamicRegistration">Enable a dynamic registration</a></span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-DynamicRegistrationGroupAssociation">Assign the dynamic registration to a group</a></span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-DeleteDynamicRegistration">Delete a dynamic registration</a></span></span></li></ul><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-13-18.png?version=1&modificationDate=1711035066674&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-13-18.png?version=1&modificationDate=1711035066674&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191655" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-13-18.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><h3 id="SAMLMetadataConfigurationManager-DynamicRegistrationSearch"><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Dynamic Registration Search</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Users</span></span> can search for dynamic registrations by their title, entity ID, authentication code, or author. To perform a search:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or user with <em>ROLE_USER</em> or user with <em>ROLE_ENABLE</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Dynamic Registration </strong>tab.</li><li>Click in the <strong>Search Files</strong> field and start typing your search term.</li></ol><p><strong>NOTE:</strong> As you start typing in the search field, the list will reduce to show only those metadata sources that match what you have typed.</p><h3 id="SAMLMetadataConfigurationManager-.3"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-17-14.png?version=1&modificationDate=1711035066628&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-17-14.png?version=1&modificationDate=1711035066628&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191653" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-17-14.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></h3><h3 id="SAMLMetadataConfigurationManager-EnableDynamicRegistration"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Enable </span></span><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Dynamic Registration</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Administrators and users with ROLE_ENABLE can enable/disable dynamic registrations. If the dynamic registrations is added by a User, a request will be sent to enable the registration. To enable a source from the Dynamic Registration<strong> </strong>Dashboard: </span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or user with <em>ROLE_ENABLE</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Dynamic Registration </strong>tab.</li><li>Toggle the <strong>Enable</strong> switch ON. </li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-24-15.png?version=1&modificationDate=1711035066509&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-24-15.png?version=1&modificationDate=1711035066509&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191648" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-24-15.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>NOTE:</strong> Once a dynamic registration has been enabled<strong>, </strong>it <strong>cannot</strong> be switch to OFF or disabled.</p><h3 id="SAMLMetadataConfigurationManager-DynamicRegistrationGroupAssociation"><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Dynamic Registration</span></span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"> Group Association</span></span></h3><p><span style="color: rgb(0,0,0);">Administrators can edit a dynamic registration's group association. </span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To change a registration's group association from the Dynamic Registration<strong> </strong>Dashboard: </span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator.</em></span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Dynamic Registration </strong>tab.</li><li>Click in the <strong>Group</strong> dropdown menu for the corresponding source and select the new group.</li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-25-0.png?version=1&modificationDate=1711035066485&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-25-0.png?version=1&modificationDate=1711035066485&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191647" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-25-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong>NOTE:</strong> Once a dynamic registration's group association has changed, the registration is removed from the view of the original group's members, including the author.</p><h3 id="SAMLMetadataConfigurationManager-DeleteDynamicRegistration">Delete <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Dynamic Registration</span></span></h3><p>Administrators can delete dynamic registrations that are currently disabled. To delete a registration from the Metadata Source<strong> </strong>Dashboard: </p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Dynamic Registration </strong>tab.</li><li>Click <strong>delete</strong> icon for the corresponding registration.</li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.</li></ol><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-26-4.png?version=1&modificationDate=1711035066382&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-26-4.png?version=1&modificationDate=1711035066382&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191646" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-26-4.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span>NOTE:</strong> Once a dynamic registration has been enabled, it cannot be deleted. </p><h2 id="SAMLMetadataConfigurationManager-AdminDashboard">Admin Dashboard</h2><p>The Admin dashboard displays the Shibboleth IdP UI users and the following information about them<span style="color: rgb(0,0,0);">:</span></p><ul><li><span style="color: rgb(0,0,0);">UserId</span></li><li><span style="color: rgb(0,0,0);">Name</span></li><li><span style="color: rgb(0,0,0);">Email</span></li><li><span style="color: rgb(0,0,0);">Role</span></li><li><span style="color: rgb(0,0,0);">Group</span></li></ul><p>There are three basic user roles in Shibboleth IdP UI:</p><ul><li><strong>ROLE_ADMIN:</strong> <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">A user with ROLE_ADMIN, Administrator,</span></span> is able to view, approve, enable, and modify all metadata sources, metadata providers, and dynamic registrations. They also have access to all administrative functions including the Admin dashboard, Action Required dashboard, and Advanced features. </li><li><strong>ROLE_ENABLE:</strong> A user with ROLE_ENABLE has the ability to create, edit, and enable metadata sources belonging to their group.</li><li><strong>ROLE_USER:</strong> A user with ROLE_USER has the ability to create and edit metadata sources belonging to their group, but cannot enable them.</li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><p><a href="#ShibbolethIdPUIUserGuide-AssigningaDifferentRoletoaUser">Assign roles to users</a></p></li><li><p><a href="#ShibbolethIdPUIUserGuide-AssigningaDifferentRoletoaUser">Assign users to groups</a></p></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><a href="#ShibbolethIdPUIUserGuide-DeleteauserfromShibbolethIdPUI">Delete users</a></span></span></li></ul><h3 id="SAMLMetadataConfigurationManager-.4"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-28-30.png?version=1&modificationDate=1711035066357&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-28-30.png?version=1&modificationDate=1711035066357&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191645" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-28-30.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h3><h3 id="SAMLMetadataConfigurationManager-AssigningaDifferentRoletoaUser">Assigning a Different Role to a User</h3><p>The Administrator can assign users to different role. To reassign a user to a new role:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Admin </strong>tab. <span style="color: rgb(0,0,0);"> </span></li><li><span style="color: rgb(0,0,0);">Click in the<span> </span></span><strong style="text-align: left;">Role</strong><span style="color: rgb(0,0,0);"><span> </span>dropdown menu for the corresponding user and select the desired role from the list. </span><span style="color: rgb(0,0,0);">The role is assigned to the user and a success message is displayed.</span></li></ol><p><span style="color: rgb(0,0,0);"><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-29-17.png?version=1&modificationDate=1711035066332&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-29-17.png?version=1&modificationDate=1711035066332&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191644" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-29-17.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></span></p><p><span style="color: rgb(0,0,0);"><strong>NOTE:</strong> <span style="color: rgb(23,43,77);">The <strong>Role</strong> dropdown menu is populated with the roles in the system, including any custom roles the Administrator has defined.</span></span></p><h3 id="SAMLMetadataConfigurationManager-Assigninguserstoagroup">Assigning users to a group</h3><p>The Administrator can assign users to different groups. To reassign a user to a new group:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Admin </strong>tab. <span style="color: rgb(0,0,0);"> </span></li><li><span style="color: rgb(0,0,0);">Click the<span> </span></span><strong style="text-align: left;">Group</strong><span style="color: rgb(0,0,0);"><span> </span>dropdown menu for the corresponding user and select the desired group from the list. </span><span style="color: rgb(0,0,0);">The user is assigned to the group and a success message is displayed.</span></li></ol><p><span style="color: rgb(0,0,0);"><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-30-0.png?version=1&modificationDate=1711035066305&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-30-0.png?version=1&modificationDate=1711035066305&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191643" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-30-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></span></p><p><span style="color: rgb(0,0,0);"><strong>NOTE:</strong> </span><span style="color: rgb(0,0,0);"><span style="color: rgb(23,43,77);">The Group dropdown is populated with the groups in the system, including any custom group the Administrator has defined.</span> </span></p><h3 id="SAMLMetadataConfigurationManager-DeleteauserfromShibbolethIdPUI">Delete a user from Shibboleth IdP UI</h3><p>The Administrator can delete a user account from Shibboleth IdP UI. To remove a user:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Admin </strong>tab. <span style="color: rgb(0,0,0);"> </span><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"> </span></span></li><li><span style="color: rgb(0,0,0);">Locate the user you want to remove and click the<span> corresponding <strong>delete</strong> icon</span></span><span style="color: rgb(0,0,0);">. </span></li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.</li></ol><h2 id="SAMLMetadataConfigurationManager-.5"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-32-17.png?version=1&modificationDate=1711035066245&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-32-17.png?version=1&modificationDate=1711035066245&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191641" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-32-17.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h2><h2 id="SAMLMetadataConfigurationManager-ActionRequiredDashboard">Action Required Dashboard</h2><p>The Action Required Dashboard provides the Administrator with five types of notifications<span style="color: rgb(51,102,255);">: </span></p><ul><li><span style="color: rgb(0,0,0);"><strong>Enable Metadata Sources: </strong>D<span style="color: rgb(0,51,102);">isplays requests when a user creates a new metadata source.</span></span></li><li><span style="color: rgb(0,0,0);"><strong>Approve Metadata Sources: </strong>D<span style="color: rgb(0,51,102);">isplays requests when a user creates a new metadata source for a group that requires an approval.</span></span></li><li><span style="color: rgb(0,0,0);"><strong>Enable Dynamic Registrations:</strong> D<span style="color: rgb(0,51,102);">isplays requests when a user creates a new dynamic registration.</span></span></li><li><span style="color: rgb(0,0,0);"><strong>Approve Dynamic Registrations:</strong> D<span style="color: rgb(0,51,102);">isplays requests when a user creates a new dynamic registration for a group that requires an approval.</span></span></li><li><span style="color: rgb(0,0,0);"><strong>User Access Requests:</strong> </span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">User Access Requests prompts administrators</span> </span>to <a href="#ShibbolethIdPUIUserGuide-UserAccessRequest">assign roles for new users</a></li></ul><h3 id="SAMLMetadataConfigurationManager-EnableMetadataSources">Enable Metadata Sources</h3><p>The <strong>Enable Metadata Sources </strong>section within the <strong>Action Required</strong> tab is only available to the Administrators. Administrators can perform the following actions from the <strong>Enable Metadata Sources </strong>section:</p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access a metadata source configurations</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Enable a metadata source</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Delete a metadata source</span></span></li></ul><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-35-48.png?version=1&modificationDate=1711035066218&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-35-48.png?version=1&modificationDate=1711035066218&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191640" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-35-48.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To access a metadata source configurations from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab. </li><li>Click the <strong>Enable Metadata Sources </strong>button</li><li>Click on the title of the source.</li></ol><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-36-44.png?version=1&modificationDate=1711035066194&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-36-44.png?version=1&modificationDate=1711035066194&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191639" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-36-44.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To enable a metadata source from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab. <span style="color: rgb(0,0,0);"> </span><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"> </span></span><span style="color: rgb(0,0,0);"> </span></li><li>Click the <strong>Enable Metadata Sources </strong>button.</li><li>Toggle the <strong>Enabled</strong> switch to <strong>On</strong> for the corresponding metadata source.</li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-37-47.png?version=1&modificationDate=1711035066169&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-37-47.png?version=1&modificationDate=1711035066169&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191638" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-37-47.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>A success message is displayed and the items is removed from the list. Return to the Metadata Source Dashboard to verified the metadata source has been enabled. </p><p><strong>NOTE:</strong> If the metadata source has not been approved, enabling it will do both, approve and enable it.</p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To delete a metadata source from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab.<span style="color: rgb(0,0,0);"> </span></li><li>Click the <strong>Enable Metadata Sources </strong>button.</li><li>Click delete icon for the corresponding source.</li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.</li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-38-35.png?version=1&modificationDate=1711035066145&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-38-35.png?version=1&modificationDate=1711035066145&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191637" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-38-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>A success message is displayed and the items is removed from the list. Return to the Metadata Source Dashboard to verified the metadata source has been deleted. </p><h3 id="SAMLMetadataConfigurationManager-ApproveMetadataSources">Approve Metadata Sources</h3><p>The <strong>Approve Metadata Sources </strong>section within the <strong>Action Required</strong> tab is available to the Administrators and members of groups with <span style="color: rgb(23,43,77);">the authority to </span><strong>approve</strong><span style="color: rgb(23,43,77);"><span> </span>other groups' metadata source</span>. Users can perform the following actions from the <strong>Approve Metadata Sources </strong>section:</p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access a metadata source configurations</span></span></li><li>Approve the metadata source</li></ul><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-39-18.png?version=1&modificationDate=1711035066121&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-39-18.png?version=1&modificationDate=1711035066121&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191636" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-39-18.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>Administrators can also perform the following action from the <strong>Approve Metadata Sources </strong>section:</p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Delete a metadata source</span></span></li></ul><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-40-3.png?version=1&modificationDate=1711035066096&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-40-3.png?version=1&modificationDate=1711035066096&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191635" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-40-3.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To access a metadata source configurations from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator </em>or<em> members of groups with <span style="color: rgb(23,43,77);">the authority to </span><strong>approve</strong><span style="color: rgb(23,43,77);"><span> </span>other groups' metadata source</span> </em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab. </li><li>Click the <strong>Approve Metadata Sources </strong>button.</li><li>Click on the title of the source.</li></ol><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-40-55.png?version=1&modificationDate=1711035066072&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-40-55.png?version=1&modificationDate=1711035066072&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191634" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-40-55.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To approve a metadata source from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or members of groups with <span style="color: rgb(23,43,77);">the authority to </span><strong>approve</strong><span style="color: rgb(23,43,77);"><span> </span>other groups' metadata source</span>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab.</li><li>Click the <strong>Approve Metadata Sources </strong>button.</li><li>Click on the <strong>Approve</strong> button for the corresponding metadata source.</li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-41-42.png?version=1&modificationDate=1711035066049&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-41-42.png?version=1&modificationDate=1711035066049&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191633" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-41-42.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>A success message is displayed and the items is removed from the list. Return to the Metadata Source Dashboard to verified the metadata source has been approved. </p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To delete a metadata source from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab.<span style="color: rgb(0,0,0);"> </span></li><li>Click the <strong>Approve Metadata Sources </strong>button.</li><li>Click delete icon for the corresponding source.</li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.</li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-42-30.png?version=1&modificationDate=1711035066025&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-42-30.png?version=1&modificationDate=1711035066025&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191632" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-42-30.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>A success message is displayed and the items is removed from the list. Return to the Metadata Source Dashboard to verified the metadata source has been deleted. </p><h3 id="SAMLMetadataConfigurationManager-EnableDynamicRegistrations">Enable Dynamic <strong>Registrations</strong></h3><p>The <strong>Enable Dynamic Registrations </strong>section within the <strong>Action Required</strong> tab is only available to the Administrators. Administrators can perform the following actions from the <strong>Enable Dynamic Registrations</strong><strong> </strong>section:</p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access a dynamic registration configurations</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Enable a dynamic registration</span></span></li></ul><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-43-24.png?version=1&modificationDate=1711035066001&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-43-24.png?version=1&modificationDate=1711035066001&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191631" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-43-24.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To access dynamic registration configurations from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab. </li><li>Click the <strong>Enable Dynamic Registration </strong>button</li><li>Click on the title of the registration.</li></ol><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-44-34.png?version=1&modificationDate=1711035065976&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-44-34.png?version=1&modificationDate=1711035065976&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191630" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-44-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To enable a dynamic registration from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab. <span style="color: rgb(0,0,0);"> </span><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"> </span></span><span style="color: rgb(0,0,0);"> </span></li><li>Click the <strong>Enable Dynamic Registration </strong>button</li><li>Toggle the <strong>Enabled</strong> switch to <strong>On</strong> for the corresponding registration.</li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-45-22.png?version=1&modificationDate=1711035065952&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-45-22.png?version=1&modificationDate=1711035065952&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191629" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-45-22.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>A success message is displayed and the items is removed from the list. Return to the Dynamic Registration Dashboard to verified the registration has been enabled. </p><p><strong>NOTE:</strong> If the dynamic registration has not been approved, enabling it will do both, approve and enable it.</p><h3 id="SAMLMetadataConfigurationManager-ApproveDynamicRegistrations">Approve Dynamic <strong>Registrations</strong></h3><p>The <strong>Approve Dynamic Registrations </strong>section within the <strong>Action Required</strong> tab is available to the Administrators and members of groups with <span style="color: rgb(23,43,77);">the authority to </span><strong>approve</strong><span style="color: rgb(23,43,77);"><span> </span>other groups' dynamic registration</span>. Users can perform the following actions from the <strong>Approve</strong> <strong>Dynamic Registrations</strong><strong> </strong>section:</p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access a dynamic registration configurations</span></span></li><li>Approve the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">dynamic registration</span></span></li></ul><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-46-19.png?version=1&modificationDate=1711035065928&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-46-19.png?version=1&modificationDate=1711035065928&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191628" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-46-19.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To access a dynamic registration configurations from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or members of groups with <span style="color: rgb(23,43,77);">the authority to </span><strong>approve</strong><span style="color: rgb(23,43,77);"><span> </span>other groups' metadata source</span>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab. </li><li>Click the <strong>Approve Dynamic Registration </strong>button</li><li>Click on the title of the registration.</li></ol><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-47-0.png?version=1&modificationDate=1711035065905&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-47-0.png?version=1&modificationDate=1711035065905&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191627" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-47-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To approve a dynamic registration from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em> or members of groups with <span style="color: rgb(23,43,77);">the authority to </span><strong>approve</strong><span style="color: rgb(23,43,77);"><span> </span>other groups' metadata source</span>.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab.</li><li>Click the <strong>Approve Dynamic Registration </strong>button.</li><li>Click on the <strong>Approve</strong> button for the corresponding registration.</li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-47-41.png?version=1&modificationDate=1711035065881&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-47-41.png?version=1&modificationDate=1711035065881&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191626" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-47-41.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>A success message is displayed and the items is removed from the list. Return to the Dynamic Registration<strong> </strong>Dashboard to verified the registration has been approved. </p><h3 id="SAMLMetadataConfigurationManager-UserAccessRequest">User Access Request</h3><p>Users can be added using two methods. The first method is to include the users in the user file during application deployment. The second method is to insert your IdP in front of the Shibboleth IdP UI application. You can publish a link to individuals you would like to use the application. When they receive the link, they can sign in to the application. The first time a user accesses the application, the user will see a "user request received" notification as shown below, and the new user will be displayed on the administrator Action Required dashboard as shown below:</p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-48-48.png?version=1&modificationDate=1711035065858&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-48-48.png?version=1&modificationDate=1711035065858&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191625" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-48-48.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>Once a new user request has been received, the Administrator can assign a role or delete the request.</p><p>The <strong>User Access Request </strong>section within the <strong>Action Required</strong> tab is only available to the Administrators. Administrators can perform the following actions from the <strong>User Access Request</strong><strong> </strong>section:</p><ul><li>Assign a new role to a user</li><li>Delete the request</li></ul><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-49-40.png?version=1&modificationDate=1711035065835&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-49-40.png?version=1&modificationDate=1711035065835&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191624" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-49-40.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>To assign a new role to a user <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">from the <strong>Action Required</strong> dashboard:</span></span><span style="color: rgb(0,0,0);"> </span></p><ol><li>Log into Shibboleth IdP UI as the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab.<span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"> A red circle with a number will appear on the Administrator's Action Required tab on their Dashboard. </span></span></li><li>Click the <strong>User Access Request </strong>button. </li><li><span style="color: rgb(0,0,0);">Locate the new user and click the <strong>Role</strong> dropdown menu to display the available roles. </span><span style="color: rgb(0,0,0);"> </span></li><li><span style="color: rgb(0,0,0);">Select the desired role from list. </span></li></ol><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-50-46.png?version=1&modificationDate=1711035065812&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-50-46.png?version=1&modificationDate=1711035065812&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191623" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-50-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>The role will be assigned to the user, the User Access Request is removed from the list, and a success message is displayed.</p><p>To delete the user request <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">from the <strong>Action Required</strong> dashboard:</span></span></p><ol><li>Log into Shibboleth IdP UI as the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator.</span></span></li><li>Navigate to the <strong>Dashboard</strong> → <strong>Action Required </strong>tab.<span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"> A red circle with a number will appear on the Administrator's Action Required tab on their Dashboard. </span></span></li><li>Click the <strong>User Access Request </strong>button.</li><li>Click <strong>Delete Request</strong> button for the corresponding request. <span>A confirmation message will be displayed as shown below. </span><span> </span><span> </span></li><li><span>Click the <strong>Delete</strong> button. </span></li></ol><p><span><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-51-29.png?version=1&modificationDate=1711035065788&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_11-51-29.png?version=1&modificationDate=1711035065788&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191622" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_11-51-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></p><p><span><span style="color: rgb(0,0,0);">The request is deleted, the User Access Request is removed from the list, and a confirmation message is displayed.</span></span></p><h1 id="SAMLMetadataConfigurationManager-AddNew">Add New</h1><p>The Shibboleth IdP UI provides capabilities for the creation of metadata sources, metadata providers, and dynamic registrations. <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">The Administrator has the ability to create all of these while non-Administrator users can only create metadata sources and dynamic registrations.</span></span></p><h2 id="SAMLMetadataConfigurationManager-AddMetadataSource">Add Metadata Source</h2><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">There are three method for adding a metadata source:</span></span></p><ul><li><strong>Create (default option):</strong> This option <span style="color: rgb(0,0,0);">requires the user to enter information manually</span> by following the <span style="color: rgb(0,0,0);">Create Metadata Source</span> wizard and entering all pertinent information for the metadata source. <span style="color: rgb(0,0,0);"> Following the last page of the wizard (Attribute Release) the metadata configuration page will be displayed.</span></li><li><strong>Upload/URL:</strong> This option provides the user the ability to bring in existing metadata source information by uploading the information from either a file or a URL. Once the information has been saved, the metadata configuration page will be displayed to allow for modifications to be made to the information uploaded.</li><li><strong>Copy</strong> - This option provides the user the ability to bring in existing metadata source information by copying a metadata source that already exists in the Shibboleth IdP UI application. Once the information has been saved, the metadata configuration page will be displayed to allow for modifications to be made to the information uploaded.</li></ul><h3 id="SAMLMetadataConfigurationManager-CreatemetadatasourceusingSecurityAssertionMarkupLanguageprotocol">Create metadata source using Security Assertion Markup Language protocol</h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To create a metadata source using Security Assertion Markup Language (SAML) protocol:</span></span></p><ol><li>Select the <strong>Add a new metadata source</strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-14-57.png?version=1&modificationDate=1711035065765&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-14-57.png?version=1&modificationDate=1711035065765&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191621" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-14-57.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Enter values in the <strong>Service Provider Name</strong> and<strong> Entity ID</strong> fields and the <strong>Common Attributes</strong> button is activated. <p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><p><br/></p> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-16-27.png?version=1&modificationDate=1711035065742&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-16-27.png?version=1&modificationDate=1711035065742&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191620" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-16-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p>Each input on the form has a tooltip that provides additional information about the corresponding item: </p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-17-18.png?version=1&modificationDate=1711035065718&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-17-18.png?version=1&modificationDate=1711035065718&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191619" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-17-18.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard. Navigation through the wizard is controlled by either moving to the previous screen by clicking the <strong>Back</strong> button or moving to the next screen by clicking the <strong>Next</strong> button. </span>The wizard guides the user through the following pages to capture the metadata source information: <p><strong>Organization information:</strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-20-21.png?version=1&modificationDate=1711035065636&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-20-21.png?version=1&modificationDate=1711035065636&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191616" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-20-21.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <br/><strong>User Interface / MDUI information: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-36-8.png?version=1&modificationDate=1711035065612&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-36-8.png?version=1&modificationDate=1711035065612&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191615" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-36-8.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>SP SSO descriptor information:</strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-38-55.png?version=1&modificationDate=1711035065587&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-38-55.png?version=1&modificationDate=1711035065587&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191614" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-38-55.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Logout endpoints: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-39-35.png?version=1&modificationDate=1711035065563&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-39-35.png?version=1&modificationDate=1711035065563&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191613" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-39-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Security information: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-40-15.png?version=1&modificationDate=1711035065538&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-40-15.png?version=1&modificationDate=1711035065538&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191612" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-40-15.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <br/><strong>Assertion consumer services: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-41-5.png?version=1&modificationDate=1711035065513&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-41-5.png?version=1&modificationDate=1711035065513&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191611" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-41-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Relying party overrides: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-41-55.png?version=1&modificationDate=1711035065490&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-41-55.png?version=1&modificationDate=1711035065490&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191610" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-41-55.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Attribute release: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-43-5.png?version=1&modificationDate=1711035065467&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-43-5.png?version=1&modificationDate=1711035065467&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191609" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-43-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata source. You can either change the metadata source configuration details by clicking the <strong>Edit</strong> link for a section or If no edits are needed, click the <strong>Save</strong> button to add the information for the metadata source to the database. </span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-44-10.png?version=1&modificationDate=1711035065443&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-44-10.png?version=1&modificationDate=1711035065443&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191608" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-44-10.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p><strong>NOTE:</strong> If the user navigates away from the wizard <span style="color: rgb(0,0,0);">prior to saving</span>, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><h3 id="SAMLMetadataConfigurationManager-CreatemetadatasourceusingOpenIDConnectprotocol">Create metadata source using OpenID Connect protocol</h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To create a metadata source using OpenID Connect (OIDC) protocol:</span></span></p><ol><li>Select the <strong>Add a new metadata source</strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-48-0.png?version=1&modificationDate=1711035065420&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-48-0.png?version=1&modificationDate=1711035065420&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191607" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-48-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Select the <strong>OIDC (OpenID Connect)</strong> option from the<strong> Authentication Protocol</strong> dropdown menu. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-48-39.png?version=1&modificationDate=1711035065396&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-48-39.png?version=1&modificationDate=1711035065396&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191606" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-48-39.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Enter values in the <strong>Service Provider Name</strong> and<strong> Entity ID</strong> fields and the <strong>Common Attributes</strong> button is activated. <p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-49-25.png?version=1&modificationDate=1711035065372&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-49-25.png?version=1&modificationDate=1711035065372&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191605" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-49-25.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p>Each input on the form has a tooltip that provides additional information about the corresponding item: </p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-50-13.png?version=1&modificationDate=1711035065349&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-50-13.png?version=1&modificationDate=1711035065349&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191604" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-50-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </li><li><span style="color: rgb(23,43,77);">Click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard. Navigation through the wizard is controlled by either moving to the previous screen by clicking the <strong>Back</strong> button or moving to the next screen by clicking the <strong>Next</strong> button. </span>The wizard guides the user through the following pages to capture the metadata source information: <p><strong>Organization information: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-51-56.png?version=1&modificationDate=1711035065326&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-51-56.png?version=1&modificationDate=1711035065326&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191603" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-51-56.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <br/><strong>User Interface / MDUI information: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-52-33.png?version=1&modificationDate=1711035065302&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-52-33.png?version=1&modificationDate=1711035065302&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191602" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-52-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>SP SSO descriptor information: </strong></p><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-53-11.png?version=1&modificationDate=1711035065278&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-53-11.png?version=1&modificationDate=1711035065278&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191601" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-53-11.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-54-8.png?version=1&modificationDate=1711035065255&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-54-8.png?version=1&modificationDate=1711035065255&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191600" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-54-8.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p><p><strong><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-54-46.png?version=1&modificationDate=1711035065230&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-54-46.png?version=1&modificationDate=1711035065230&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191599" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-54-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p></li><li><p><strong>Logout endpoints: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-55-53.png?version=1&modificationDate=1711035065205&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-55-53.png?version=1&modificationDate=1711035065205&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191598" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-55-53.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Security information: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-56-35.png?version=1&modificationDate=1711035065182&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-56-35.png?version=1&modificationDate=1711035065182&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191597" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-56-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Assertion consumer services: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-57-33.png?version=1&modificationDate=1711035065158&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-57-33.png?version=1&modificationDate=1711035065158&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191596" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-57-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Relying party overrides: </strong></p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-59-5.png?version=1&modificationDate=1711035065135&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_13-59-5.png?version=1&modificationDate=1711035065135&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191595" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_13-59-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-0-41.png?version=1&modificationDate=1711035065111&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-0-41.png?version=1&modificationDate=1711035065111&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191594" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-0-41.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-1-49.png?version=1&modificationDate=1711035065088&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-1-49.png?version=1&modificationDate=1711035065088&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191593" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-1-49.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-2-56.png?version=1&modificationDate=1711035065065&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-2-56.png?version=1&modificationDate=1711035065065&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191592" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-2-56.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p><strong>Attribute release: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-3-34.png?version=1&modificationDate=1711035065041&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-3-34.png?version=1&modificationDate=1711035065041&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191591" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-3-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata source. You can either change the metadata source configuration details by clicking the <strong>Edit</strong> link for a section or If no edits are needed, click the <strong>Save</strong> button to add the information for the metadata source to the database. </span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-4-26.png?version=1&modificationDate=1711035065018&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-4-26.png?version=1&modificationDate=1711035065018&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191590" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-4-26.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p><strong>NOTE:</strong> If the user navigates away from the wizard <span style="color: rgb(0,0,0);">prior to saving</span>, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><h3 id="SAMLMetadataConfigurationManager-Uploadametadatasource">Upload a metadata source<span style="color: rgb(0,0,0);"> </span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To upload a metadata source:</span></span></p><ol><li>Select the <strong>Add a new metadata source</strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-12-58.png?version=1&modificationDate=1711035064995&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-12-58.png?version=1&modificationDate=1711035064995&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191589" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-12-58.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span>Click on the </span><strong>Upload/URL</strong><span> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-13-35.png?version=1&modificationDate=1711035064971&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-13-35.png?version=1&modificationDate=1711035064971&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191588" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-13-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li>Enter values in the<strong> Service Provider Name </strong>field. <p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-14-17.png?version=1&modificationDate=1711035064948&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-14-17.png?version=1&modificationDate=1711035064948&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191587" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-14-17.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Choose File</strong> button and select a file. <p><strong>Note:</strong> You can only import a file with a single entityID (EntityDescriptor element) in it. Anything more in that file will result in an error.</p> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-14-50.png?version=1&modificationDate=1711035064924&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-14-50.png?version=1&modificationDate=1711035064924&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191586" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-14-50.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-15-25.png?version=1&modificationDate=1711035064901&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-15-25.png?version=1&modificationDate=1711035064901&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191585" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-15-25.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p>All data will be retrieved from the metadata file and the newly uploaded source will appear on the Metadata Source Dashboard.</p></li></ol><h3 id="SAMLMetadataConfigurationManager-CreatemetadatasourcefromaURL">Create metadata source from a URL</h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To create a metadata source using a URL:</span></span></p><ol><li>Select the <strong>Add a new metadata source</strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-16-13.png?version=1&modificationDate=1711035064878&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-16-13.png?version=1&modificationDate=1711035064878&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191584" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-16-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click on the <strong>Upload/URL</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-16-46.png?version=1&modificationDate=1711035064854&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-16-46.png?version=1&modificationDate=1711035064854&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191583" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-16-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Enter a value in the<strong> Service Provider Name </strong>field. <p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-17-16.png?version=1&modificationDate=1711035064831&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-17-16.png?version=1&modificationDate=1711035064831&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191582" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-17-16.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter values in the<strong> Service Provider Metadata URL</strong> and click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-17-49.png?version=1&modificationDate=1711035064808&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-17-49.png?version=1&modificationDate=1711035064808&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191581" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-17-49.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><h3 id="SAMLMetadataConfigurationManager-Copyametadatasource">Copy a metadata source</h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To copy an existing metadata source:</span></span></p><ol><li>Select the <strong>Add a new metadata source</strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-18-27.png?version=1&modificationDate=1711035064784&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-18-27.png?version=1&modificationDate=1711035064784&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191580" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-18-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click on the <strong>Copy</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-19-11.png?version=1&modificationDate=1711035064761&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-19-11.png?version=1&modificationDate=1711035064761&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191579" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-19-11.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Select the metadata source to copy from the<strong> <label class="form-label"><span>Select the Entity ID to copy</span></label></strong> dropdown menu. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-19-42.png?version=1&modificationDate=1711035064737&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-19-42.png?version=1&modificationDate=1711035064737&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191578" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-19-42.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Enter values in the<strong> Service Provider Name</strong> and<strong> Entity ID </strong>fields. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-20-15.png?version=1&modificationDate=1711035064714&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-20-15.png?version=1&modificationDate=1711035064714&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191577" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-20-15.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Check the boxes for the corresponding sections of the metadata source to be copied. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-20-57.png?version=1&modificationDate=1711035064690&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-20-57.png?version=1&modificationDate=1711035064690&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191576" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-20-57.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Finished</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-21-27.png?version=1&modificationDate=1711035064666&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-21-27.png?version=1&modificationDate=1711035064666&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191575" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-21-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><p>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-22-0.png?version=1&modificationDate=1711035064642&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-11_14-22-0.png?version=1&modificationDate=1711035064642&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191574" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-11_14-22-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li></ol><h2 id="SAMLMetadataConfigurationManager-AddNewMetadataProviders">Add New Metadata Providers</h2><p>There are five types of metadata providers:</p><ul><li>FileBackedHTTPMetadataProvider</li><li>FileSystemMetadataProvider</li><li>LocalDynamicMetadataProvider</li><li>DynamicHTTPMetadataProvider</li><li><span style="color: rgb(33,37,41);">ExternalMetadataResolver</span> </li></ul><h3 id="SAMLMetadataConfigurationManager-CreateaFileBackedHTTPMetadataProvider">Create a File Backed HTTP Metadata Provider</h3><p>To create a file backed HTTP metadata provider:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Add a new metadata provider </strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-51-41.png?version=1&modificationDate=1711035064618&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-51-41.png?version=1&modificationDate=1711035064618&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191573" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-51-41.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a value in the <strong>Metadata Provider Name</strong><span> field. </span></span><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-52-21.png?version=1&modificationDate=1711035064595&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-52-21.png?version=1&modificationDate=1711035064595&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191572" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-52-21.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-52-56.png?version=1&modificationDate=1711035064572&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-52-56.png?version=1&modificationDate=1711035064572&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191571" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-52-56.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Select the <strong>FileBackedHTTPMetadataResolver</strong> option from the <strong>Metadata Provider Type</strong> dropdown menu<span style="color: rgb(23,43,77);"><span> </span>then click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard.</span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-54-13.png?version=1&modificationDate=1711035064548&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-54-13.png?version=1&modificationDate=1711035064548&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191570" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-54-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Navigation through the wizard is controlled by either moving to the previous screen by clicking the<span> </span><strong>Back</strong><span> </span>button or moving to the next screen by clicking the<span> </span><strong>Next</strong><span> </span>button.<span> </span></span><span style="color: rgb(23,43,77);">The wizard guides the user through the following pages to capture the File Backed HTTP metadata provider information: </span> <p><strong>Common Attributes: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-54-51.png?version=1&modificationDate=1711035064525&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-54-51.png?version=1&modificationDate=1711035064525&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191569" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-54-51.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Reloading Attributes:</strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-55-27.png?version=1&modificationDate=1711035064501&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-55-27.png?version=1&modificationDate=1711035064501&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191568" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-55-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Metadata Filter Plugins: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-56-12.png?version=1&modificationDate=1711035064478&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-56-12.png?version=1&modificationDate=1711035064478&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191567" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-56-12.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata provider. You can either change the metadata provider configuration details by clicking the<span> </span></span><strong style="text-align: left;">Edit</strong><span style="color: rgb(0,0,0);"><span> </span>link for a section or If no edits are needed, click the<span> </span></span><strong style="text-align: left;">Save</strong><span style="color: rgb(0,0,0);"><span> </span>button to add the information for the metadata provider to the database</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-56-56.png?version=1&modificationDate=1711035064454&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-56-56.png?version=1&modificationDate=1711035064454&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191566" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-56-56.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> If the user navigates away from the wizard prior to saving, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><p>Once saved, an Administrator also has the ability to enable the metadata provider for use in an IdP.</p><h3 id="SAMLMetadataConfigurationManager-CreateaFileSystemMetadataProvider">Create a File System Metadata Provider</h3><p>To create a file system metadata provider:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Add a new metadata provider </strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-57-43.png?version=1&modificationDate=1711035064431&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-57-43.png?version=1&modificationDate=1711035064431&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191565" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-57-43.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a value in the <strong>Metadata Provider Name</strong><span> field. </span></span><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-58-18.png?version=1&modificationDate=1711035064406&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-58-18.png?version=1&modificationDate=1711035064406&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191564" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-58-18.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-59-2.png?version=1&modificationDate=1711035064383&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-59-2.png?version=1&modificationDate=1711035064383&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191563" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-59-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Select the <strong>FilesystemMetadataResolver</strong> option from the <strong>Metadata Provider Type</strong> dropdown menu<span style="color: rgb(23,43,77);"><span> </span>then click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard.</span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-59-37.png?version=1&modificationDate=1711035064360&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_7-59-37.png?version=1&modificationDate=1711035064360&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191562" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_7-59-37.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Navigation through the wizard is controlled by either moving to the previous screen by clicking the<span> </span><strong>Back</strong><span> </span>button or moving to the next screen by clicking the<span> </span><strong>Next</strong><span> </span>button.<span> </span></span><span style="color: rgb(23,43,77);">The wizard guides the user through the following pages to capture the File Backed HTTP metadata provider information: </span> <p><strong>Common Attributes: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-0-13.png?version=1&modificationDate=1711035064336&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-0-13.png?version=1&modificationDate=1711035064336&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191561" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-0-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Dynamic Attributes:</strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-0-46.png?version=1&modificationDate=1711035064313&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-0-46.png?version=1&modificationDate=1711035064313&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191560" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-0-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata provider. You can either change the metadata provider configuration details by clicking the<span> </span></span><strong style="text-align: left;">Edit</strong><span style="color: rgb(0,0,0);"><span> </span>link for a section or If no edits are needed, click the<span> </span></span><strong style="text-align: left;">Save</strong><span style="color: rgb(0,0,0);"><span> </span>button to add the information for the metadata provider to the database</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-1-22.png?version=1&modificationDate=1711035064289&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-1-22.png?version=1&modificationDate=1711035064289&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191559" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-1-22.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> If the user navigates away from the wizard prior to saving, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><p>Once saved, an Administrator also has the ability to enable the metadata provider for use in an IdP.</p><h3 id="SAMLMetadataConfigurationManager-CreateaLocalDynamicMetadataProvider"><span style="color: rgb(0,51,102);">Create a Local Dynamic Metadata Provider</span></h3><p>To create a local dynamic metadata provider:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Add a new metadata provider </strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-2-5.png?version=1&modificationDate=1711035064265&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-2-5.png?version=1&modificationDate=1711035064265&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191558" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-2-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a value in the <strong>Metadata Provider Name</strong><span> field. </span></span><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-3-32.png?version=1&modificationDate=1711035064241&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-3-32.png?version=1&modificationDate=1711035064241&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191557" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-3-32.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-4-6.png?version=1&modificationDate=1711035064216&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-4-6.png?version=1&modificationDate=1711035064216&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191556" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-4-6.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Select the <strong>LocalDynamicMetadataResolver</strong> option from the <strong>Metadata Provider Type</strong> dropdown menu<span style="color: rgb(23,43,77);"><span> </span>then click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard.</span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-4-39.png?version=1&modificationDate=1711035064192&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-4-39.png?version=1&modificationDate=1711035064192&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191555" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-4-39.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Navigation through the wizard is controlled by either moving to the previous screen by clicking the<span> </span><strong>Back</strong><span> </span>button or moving to the next screen by clicking the<span> </span><strong>Next</strong><span> </span>button.<span> </span></span><span style="color: rgb(23,43,77);">The wizard guides the user through the following pages to capture the File Backed HTTP metadata provider information: </span> <p><strong>Common Attributes: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-5-13.png?version=1&modificationDate=1711035064168&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-5-13.png?version=1&modificationDate=1711035064168&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191554" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-5-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Dynamic Attributes:</strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-5-41.png?version=1&modificationDate=1711035064144&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-5-41.png?version=1&modificationDate=1711035064144&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191553" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-5-41.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata provider. You can either change the metadata provider configuration details by clicking the<span> </span></span><strong style="text-align: left;">Edit</strong><span style="color: rgb(0,0,0);"><span> </span>link for a section or If no edits are needed, click the<span> </span></span><strong style="text-align: left;">Save</strong><span style="color: rgb(0,0,0);"><span> </span>button to add the information for the metadata provider to the database</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-6-15.png?version=1&modificationDate=1711035064121&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-6-15.png?version=1&modificationDate=1711035064121&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191552" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-6-15.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> If the user navigates away from the wizard prior to saving, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><p>Once saved, an Administrator also has the ability to enable the metadata provider for use in an IdP.</p><h3 id="SAMLMetadataConfigurationManager-CreateaDynamicHTTPMetadataProvider"><span style="color: rgb(0,51,102);">Create a Dynamic HTTP Metadata Provider</span></h3><p>To create a dynamic HTTP metadata provider:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Add a new metadata provider </strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-6-56.png?version=1&modificationDate=1711035064098&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-6-56.png?version=1&modificationDate=1711035064098&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191551" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-6-56.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a value in the <strong>Metadata Provider Name</strong><span> field. </span></span><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-7-31.png?version=1&modificationDate=1711035064075&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-7-31.png?version=1&modificationDate=1711035064075&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191550" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-7-31.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-8-2.png?version=1&modificationDate=1711035064051&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-8-2.png?version=1&modificationDate=1711035064051&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191549" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-8-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Select the <strong>DynamicHTTPMetadataResolver</strong> option from the <strong>Metadata Provider Type</strong> dropdown menu<span style="color: rgb(23,43,77);"><span> </span>then click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard.</span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-8-32.png?version=1&modificationDate=1711035064028&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-8-32.png?version=1&modificationDate=1711035064028&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191548" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-8-32.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Navigation through the wizard is controlled by either moving to the previous screen by clicking the<span> </span><strong>Back</strong><span> </span>button or moving to the next screen by clicking the<span> </span><strong>Next</strong><span> </span>button.<span> </span></span><span style="color: rgb(23,43,77);">The wizard guides the user through the following pages to capture the File Backed HTTP metadata provider information: </span> <p><strong>Common Attributes: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-9-12.png?version=1&modificationDate=1711035064004&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-9-12.png?version=1&modificationDate=1711035064004&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191547" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-9-12.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Dynamic Attributes:</strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-9-43.png?version=1&modificationDate=1711035063981&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-9-43.png?version=1&modificationDate=1711035063981&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191546" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-9-43.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Metadata Filter Plugins: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-10-17.png?version=1&modificationDate=1711035063958&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-10-17.png?version=1&modificationDate=1711035063958&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191545" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-10-17.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata provider. You can either change the metadata provider configuration details by clicking the<span> </span></span><strong style="text-align: left;">Edit</strong><span style="color: rgb(0,0,0);"><span> </span>link for a section or If no edits are needed, click the<span> </span></span><strong style="text-align: left;">Save</strong><span style="color: rgb(0,0,0);"><span> </span>button to add the information for the metadata provider to the database</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-11-0.png?version=1&modificationDate=1711035063935&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-11-0.png?version=1&modificationDate=1711035063935&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191544" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-11-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> If the user navigates away from the wizard prior to saving, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><p>Once saved, an Administrator also has the ability to enable the metadata provider for use in an IdP.</p><h3 id="SAMLMetadataConfigurationManager-CreateaExternalMetadataResolver"><span style="color: rgb(0,0,0);">Create a External Metadata Resolver</span></h3><p>To create an external metadata resolver:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Add a new metadata provider </strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-11-33.png?version=1&modificationDate=1711035063911&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-11-33.png?version=1&modificationDate=1711035063911&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191543" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-11-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a value in the <strong>Metadata Provider Name</strong><span> field. </span></span><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-12-4.png?version=1&modificationDate=1711035063888&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-12-4.png?version=1&modificationDate=1711035063888&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191542" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-12-4.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-12-41.png?version=1&modificationDate=1711035063865&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-12-41.png?version=1&modificationDate=1711035063865&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191541" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-12-41.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Select the <strong>ExternalMetadataResolver</strong> option from the <strong>Metadata Provider Type</strong> dropdown menu<span style="color: rgb(23,43,77);"><span> </span>then click the<span> </span></span><strong style="text-align: left;">Common Attributes</strong><span style="color: rgb(23,43,77);"><span> </span>button to continue through the wizard.</span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-13-21.png?version=1&modificationDate=1711035063841&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-13-21.png?version=1&modificationDate=1711035063841&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191540" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-13-21.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);"><span style="color: rgb(33,37,41);">Enter values in the <strong>Metadata Resolver ID </strong>and<strong> Description</strong><span> fields. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-14-4.png?version=1&modificationDate=1711035063817&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-14-4.png?version=1&modificationDate=1711035063817&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191539" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-14-4.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></span> </li><li><span style="color: rgb(0,0,0);">Click the <strong>Finish</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-14-35.png?version=1&modificationDate=1711035063787&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-14-35.png?version=1&modificationDate=1711035063787&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191538" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-14-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span style="color: rgb(0,0,0);">The final page of the wizard displays all of the values enter for the metadata provider. You can either change the metadata provider configuration details by clicking the<span> </span></span><strong style="text-align: left;">Edit</strong><span style="color: rgb(0,0,0);"><span> </span>link for a section or If no edits are needed, click the<span> </span></span><strong style="text-align: left;">Save</strong><span style="color: rgb(0,0,0);"><span> </span>button to add the information for the metadata provider to the database</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-15-5.png?version=1&modificationDate=1711035063761&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-12_8-15-5.png?version=1&modificationDate=1711035063761&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191537" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-12_8-15-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> If the user navigates away from the wizard prior to saving, the user will be notified that any unsaved changes will be discarded. Therefore, it is necessary to complete the new metadata source wizard in order to save a new metadata source to the database.</p></li></ol><p>Once saved, an Administrator also has the ability to enable the metadata provider for use in an IdP.<br/><br/></p><h2 id="SAMLMetadataConfigurationManager-AddDynamicRegistration">Add Dynamic Registration</h2><p>The Shibboleth IdP UI has been configured to communicate to the Shibboleth OIDC plugin's API using dynamic registration.</p><p>Dynamic registration supports the following standard client metadata fields are currently supported:</p><ul><li>Redirect Uris</li><li>Application Type</li><li>Contacts</li><li>Logo Uri</li><li>Policy Uri</li><li>Response Types</li><li>Grant Types</li><li>Jwks</li><li>Scope</li><li>Subject Type</li><li>Token Endpoint Auth Method</li><li>TOS Uri</li><li>Add Dynamic Registration</li></ul><p>For additional information regarding Dynamic Registrations visit the <a class="external-link" href="https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376879077/OPDynamicClientRegistration">OPDynamicClientRegistration</a> Confluence page.</p><h3 id="SAMLMetadataConfigurationManager-CreateaDynamicRegistration">Create <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">a Dynamic Registration</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">T</span></span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">o create a dynamic registration in the <span style="color: rgb(23,43,77);">Shibboleth IdP UI</span>:</span></span></p><ol><li>Select the <strong>Add a new <span style="color: rgb(23,43,77);"><span><strong style="text-align: left;">dynamic registration</strong></span></span></strong> option from the <strong>Add New</strong> menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-17-31.png?version=1&modificationDate=1711035063738&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-17-31.png?version=1&modificationDate=1711035063738&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191536" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-17-31.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter values for the <span style="color: rgb(23,43,77);"><span><strong>Name</strong> and <strong>Redirect Uris</strong> fields.</span></span><span> </span></span><p><strong>NOTE:</strong> On this page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-18-7.png?version=1&modificationDate=1711035063714&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-18-7.png?version=1&modificationDate=1711035063714&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191535" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-18-7.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-18-50.png?version=1&modificationDate=1711035063691&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-18-50.png?version=1&modificationDate=1711035063691&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191534" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-18-50.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(23,43,77);"><span>The remaining fields are optional and can be left blank or values can be added. For additional information regarding the standard client metadata fields that are currently supported visit <a class="external-link" href="https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata">Supported Client Metadata</a>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-19-43.png?version=1&modificationDate=1711035063667&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-19-43.png?version=1&modificationDate=1711035063667&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191533" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-19-43.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li><li><span style="color: rgb(23,43,77);"><span>Click the <strong>Save</strong> button </span></span><span style="color: rgb(0,0,0);">to add the information for the dynamic registration to the database.</span></li></ol><h1 id="SAMLMetadataConfigurationManager-Configurations">Configurations</h1><h2 id="SAMLMetadataConfigurationManager-MetadataSourceConfiguration">Metadata Source Configuration</h2><p><span style="color: rgb(23,43,77);">When<span style="color: rgb(0,0,0);"> you click</span> a metadata source's title, the Source Configuration screen is opened. </span><span style="color: rgb(23,43,77);">This page displays the following common information for the metadata source: </span></p><ul><li>Date and time of last saved update</li><li>Author</li><li>Group association</li><li>Enabled status</li><li>Current/Not Current version status</li><li>Options values</li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Assign the metadata source to a group</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Enable or disable a metadata source</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Delete a metadata source</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access version history</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">View the source's XML</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Edit the source's options</span></span></li></ul><h3 id="SAMLMetadataConfigurationManager-AssigntheMetadataSourcetoaGroup"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Assign the Metadata Source to a Group</span></span></h3><p><span style="color: rgb(0,0,0);">Administrators can edit a metadata source's group association. </span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To change a source's group association from the Metadata Source<strong><span> </span></strong>Configuration page: </span></span></p><ol><li>Click in the<span> </span><strong>Group</strong><span> </span>dropdown menu to display the group list. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-29-13.png?version=1&modificationDate=1711035063644&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-29-13.png?version=1&modificationDate=1711035063644&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191532" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-29-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click on the name of the new group from the list. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-29-59.png?version=1&modificationDate=1711035063621&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-29-59.png?version=1&modificationDate=1711035063621&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191531" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-29-59.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><p><br/></p><p><strong>NOTE:</strong><span> </span>Once a metadata source group association has changed, the source is removed from the view of the original group's members, including the author.</p><h3 id="SAMLMetadataConfigurationManager-Enable/DisableMetadataSource"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Enable/Disable Metadata Source</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To enable a source from the Metadata Source<strong><span> </span></strong>Configuration page:</span></span></p><ol><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Click the <strong>Enable</strong> button</span><span style="color: rgb(0,0,0);">. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-30-38.png?version=1&modificationDate=1711035063598&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-30-38.png?version=1&modificationDate=1711035063598&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191530" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-30-38.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span><p><strong>NOTE:</strong> The source will show Enabled now and the button has changed to <strong>Disable</strong>.</p></li><li>Click the <strong>Disable</strong> button to disable the source. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-31-11.png?version=1&modificationDate=1711035063574&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-31-11.png?version=1&modificationDate=1711035063574&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191529" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-31-11.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><h3 id="SAMLMetadataConfigurationManager-DeletingaMetadataSource">Deleting a Metadata Source</h3><p>To delete a source from the Metadata Source<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>: </p><ol><li>Click <strong>Delete</strong> button located in the upper-right corner. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-31-44.png?version=1&modificationDate=1711035063551&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-31-44.png?version=1&modificationDate=1711035063551&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191528" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-31-44.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p><strong>NOTE:</strong> A confirmation modal is displayed.</p></li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-32-39.png?version=1&modificationDate=1711035063529&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-32-39.png?version=1&modificationDate=1711035063529&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191527" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-32-39.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p><strong>NOTE:</strong> Once a metadata source has been enabled, it cannot be deleted. You will need to disable the source prior to deleting it.</p></li></ol><h3 id="SAMLMetadataConfigurationManager-MetadataSourceVersionHistory">Metadata Source Version History</h3><p>The Version History page displays all of the versions that were saved for the metadata source. To access a source's version history from Metadata Source<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>: </p><ol><li>Click on the <strong>Version History</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-33-19.png?version=1&modificationDate=1711035063505&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-33-19.png?version=1&modificationDate=1711035063505&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191526" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-33-19.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><p>The Version History screen is displayed: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-33-53.png?version=1&modificationDate=1711035063481&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-33-53.png?version=1&modificationDate=1711035063481&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191525" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-33-53.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>The following actions can be initiated from this page: </p><ul><li><strong>Compare versions </strong></li><li><strong>Display/edit versions</strong></li><li><strong>Restore versions</strong></li></ul><h4 id="SAMLMetadataConfigurationManager-CompareVersions">Compare Versions</h4><p>To compare versions of a metadata source from the Version History<span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"> page</span></span>: </p><ol><li>Select two or more boxes <span style="color: rgb(0,0,0);">for the corresponding versions you want to compare. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-34-28.png?version=1&modificationDate=1711035063458&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-34-28.png?version=1&modificationDate=1711035063458&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191524" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-34-28.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span style="color: rgb(0,0,0);">Click the <strong>Compare Selected</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-34-58.png?version=1&modificationDate=1711035063434&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-34-58.png?version=1&modificationDate=1711035063434&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191523" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-34-58.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><h4 id="SAMLMetadataConfigurationManager-FullDataDisplay">Full Data Display</h4><p>When two or more versions are selected to compare, the Compare Source Configuration will be displayed. This display shows all data fields for the metadata source and highlights the fields that are different between the versions. </p><h4 id="SAMLMetadataConfigurationManager-.6"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-35-34.png?version=1&modificationDate=1711035063411&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-35-34.png?version=1&modificationDate=1711035063411&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191522" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-35-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h4><h4 id="SAMLMetadataConfigurationManager-ChangesOnlyDisplay">Changes Only Display</h4><p>An additional option is available by toggling the View Only Changes field. The page displayed will display only the fields that have changed.</p><h4 id="SAMLMetadataConfigurationManager-.7"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-36-14.png?version=1&modificationDate=1711035063387&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-36-14.png?version=1&modificationDate=1711035063387&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191521" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-36-14.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h4><h4 id="SAMLMetadataConfigurationManager-RestoreVersion">Restore Version</h4><p>To restore a metadata source to a previous version from the Version History<span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"> page</span></span>: </p><ol><li>Click the <strong>Restore</strong> link <span style="color: rgb(0,0,0);">for the corresponding version you want to restore. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-36-54.png?version=1&modificationDate=1711035063364&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-36-54.png?version=1&modificationDate=1711035063364&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191520" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-36-54.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span style="color: rgb(0,0,0);">Click the <strong>Restore</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-37-22.png?version=1&modificationDate=1711035063340&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-37-22.png?version=1&modificationDate=1711035063340&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191519" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-37-22.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span style="color: rgb(0,0,0);">Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-37-52.png?version=1&modificationDate=1711035063317&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-37-52.png?version=1&modificationDate=1711035063317&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191518" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-37-52.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><p>Once you click the <strong>Save</strong> button, a new version is created and the configuration page is displayed. The new version contains the information that was saved for the version selected.</p><h3 id="SAMLMetadataConfigurationManager-MetadataSourceXML">Metadata Source XML </h3><p>To display a source's XML version from Metadata Source<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Click the <strong>XML</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-38-38.png?version=1&modificationDate=1711035063293&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-38-38.png?version=1&modificationDate=1711035063293&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191517" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-38-38.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>To return to the Options view, click the Options link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-39-6.png?version=1&modificationDate=1711035063270&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-39-6.png?version=1&modificationDate=1711035063270&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191516" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-39-6.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><h3 id="SAMLMetadataConfigurationManager-EditMetadataSource">Edit Metadata Source</h3><p>To edit the source's options from Metadata Source<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Click on the <strong>Edit</strong> link for one of the source's section. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-39-40.png?version=1&modificationDate=1711035063246&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-39-40.png?version=1&modificationDate=1711035063246&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191515" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-39-40.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p>When you click the Edit link in the Source Configuration page, the section you selected to edit is displayed on the page. The link in the left navigation is highlighted indicating the section displayed. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-40-20.png?version=1&modificationDate=1711035063221&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-40-20.png?version=1&modificationDate=1711035063221&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191514" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-40-20.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><p><span>Make your desired edits for this section and or click on other sections to make edits to their fields.</span></p></li><li><p><span>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-40-50.png?version=1&modificationDate=1711035063196&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_11-40-50.png?version=1&modificationDate=1711035063196&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191513" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_11-40-50.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p><p><strong>NOTE:</strong> Multiple sections can be modified prior to selecting <strong>Save</strong> and the modifications for all sections will be saved.</p></li></ol><h2 id="SAMLMetadataConfigurationManager-MetadataProviderConfiguration">Metadata Provider Configuration</h2><p><span style="color: rgb(23,43,77);">When<span style="color: rgb(0,0,0);"> you click</span> a metadata provider's title, the Provider Configuration screen is opened. </span><span style="color: rgb(23,43,77);">This page displays the following common information for the metadata provider: </span></p><ul><li>Date and time of last saved update</li><li>Author</li><li>Enabled status</li><li>Current/Not Current version status</li><li>Options values</li><li>Filters </li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Access version history</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">View the source's XML</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Edit the source's options</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Add/Edit/Delete filters:</span></span></li></ul><h3 id="SAMLMetadataConfigurationManager-MetadataProviderVersionHistory">Metadata Provider Version History</h3><p>The Version History page displays all of the versions that were saved for the metadata provider. To access a source's version history from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>: </p><ol><li>Click on the<span> </span><strong>Version History</strong><span> </span>link. <span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-4-56.png?version=1&modificationDate=1711035063172&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-4-56.png?version=1&modificationDate=1711035063172&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191512" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-4-56.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><p>The Version History screen is displayed: <span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-5-50.png?version=1&modificationDate=1711035063148&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-5-50.png?version=1&modificationDate=1711035063148&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191511" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-5-50.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p><p>The following actions can be initiated from this page: </p><ul><li><strong>Compare versions </strong></li><li><strong>Display/edit versions</strong></li><li><strong>Restore versions</strong></li></ul><h4 id="SAMLMetadataConfigurationManager-CompareVersions.1">Compare Versions</h4><p>To compare versions of a metadata source from the Version History<span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"> page</span></span>: </p><ol><li>Select two or more boxes<span> </span><span style="color: rgb(0,0,0);">for the corresponding versions you want to compare.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-6-25.png?version=1&modificationDate=1711035063123&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-6-25.png?version=1&modificationDate=1711035063123&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191510" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-6-25.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li><li><span style="color: rgb(0,0,0);">Click the<span> </span><strong>Compare Selected</strong><span> </span>button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-7-0.png?version=1&modificationDate=1711035063098&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-7-0.png?version=1&modificationDate=1711035063098&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191509" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-7-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><h4 id="SAMLMetadataConfigurationManager-FullDataDisplay.1">Full Data Display</h4><p>When two or more versions are selected to compare, the Compare Provider Configuration will be displayed. This display shows all data fields for the metadata provider and highlights the fields that are different between the versions. </p><h4 id="SAMLMetadataConfigurationManager-.8"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-13-2.png?version=1&modificationDate=1711035063074&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-13-2.png?version=1&modificationDate=1711035063074&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191508" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-13-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h4><h4 id="SAMLMetadataConfigurationManager-ChangesOnlyDisplay.1">Changes Only Display</h4><p>An additional option is available by toggling the View Only Changes field. The page displayed will display only the fields that have changed.</p><h4 id="SAMLMetadataConfigurationManager-.9"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-13-40.png?version=1&modificationDate=1711035063050&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-13-40.png?version=1&modificationDate=1711035063050&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191507" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-13-40.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h4><h4 id="SAMLMetadataConfigurationManager-RestoreVersion.1">Restore Version</h4><p>To restore a metadata provider to a previous version from the Version History<span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"> page</span></span>: </p><ol><li>Click the<span> </span><strong>Restore</strong><span> </span>link<span> </span><span style="color: rgb(0,0,0);">for the corresponding version you want to restore.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-14-18.png?version=1&modificationDate=1711035063026&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-14-18.png?version=1&modificationDate=1711035063026&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191506" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-14-18.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li><li><span style="color: rgb(0,0,0);">Click the<span> </span><strong>Restore</strong><span> </span>button. <span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-14-51.png?version=1&modificationDate=1711035063002&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-14-51.png?version=1&modificationDate=1711035063002&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191505" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-14-51.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li><li><span style="color: rgb(0,0,0);">Click the<span> </span><strong>Save</strong><span> </span>button. </span><span style="color: rgb(0,0,0);"> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-17-51.png?version=1&modificationDate=1711035062889&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-17-51.png?version=1&modificationDate=1711035062889&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191501" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-17-51.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><p>Once you click the<span> </span><strong>Save</strong><span> </span>button, a new version is created and the configuration page is displayed. The new version contains the information that was saved for the version selected.</p><h3 id="SAMLMetadataConfigurationManager-MetadateProviderFilters">Metadate Provider Filters</h3><p>There are three types of filters you can add to a metadata providers:</p><ul><li>EntityAttributes</li><li>NameIDFormat</li><li>Algorithm</li></ul><h4 id="SAMLMetadataConfigurationManager-AddFilterwithSearchType:EntityID">Add Filter with Search Type: Entity ID</h4><p>To add an EntityAttributes filter to a metadata provider from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the page. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-18-45.png?version=1&modificationDate=1711035062858&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-18-45.png?version=1&modificationDate=1711035062858&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191500" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-18-45.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>+ Add Filter</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-19-16.png?version=1&modificationDate=1711035062834&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-19-16.png?version=1&modificationDate=1711035062834&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191499" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-19-16.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Select the desired filter</span><span style="color: rgb(23,43,77);"> option from the<span> </span></span><strong style="text-align: left;">Metadata Filter Type</strong><span style="color: rgb(23,43,77);"><span> </span>menu.</span><span style="color: rgb(23,43,77);"> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-19-47.png?version=1&modificationDate=1711035062804&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-19-47.png?version=1&modificationDate=1711035062804&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191498" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-19-47.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span><p><strong>NOTE:</strong> Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-23-4.png?version=1&modificationDate=1711035062772&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-23-4.png?version=1&modificationDate=1711035062772&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191497" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-23-4.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Once the filter type is selected, the page will expand to display the data fields that can be entered for that filter type. The interface is similar to the provider edit interface in that there is a left-hand navigation for the different sections of the filter's definition. <br/><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><p><strong>Filter Target: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-23-35.png?version=1&modificationDate=1711035062741&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-23-35.png?version=1&modificationDate=1711035062741&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191496" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-23-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <br/><strong>Options: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-24-9.png?version=1&modificationDate=1711035062708&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-24-9.png?version=1&modificationDate=1711035062708&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191495" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-24-9.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Attributes: </strong></p></li><li><span style="color: rgb(23,43,77);">Enter a value in the <strong>Filter Name</strong></span><span style="color: rgb(23,43,77);"><span> </span>field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-25-57.png?version=1&modificationDate=1711035062638&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-25-57.png?version=1&modificationDate=1711035062638&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191493" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-25-57.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span>Select the search criteria from the <span style="color: rgb(33,37,41);"><strong>Search Criteria by Entity ID</strong> menu or enter a new criteria then click the <strong>Add Entity ID + </strong>button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-27-4.png?version=1&modificationDate=1711035062574&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-27-4.png?version=1&modificationDate=1711035062574&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191491" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-27-4.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li><li><span>Once you have completed all the screens, click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-28-1.png?version=1&modificationDate=1711035062542&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-28-1.png?version=1&modificationDate=1711035062542&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191490" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-28-1.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><h4 id="SAMLMetadataConfigurationManager-AddFilterwithSearchType:Regex">Add Filter with Search Type: Regex</h4><p>To add an EntityAttributes filter to a metadata provider from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the page. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-28-46.png?version=1&modificationDate=1711035062510&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-28-46.png?version=1&modificationDate=1711035062510&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191489" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-28-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>+ Add Filter</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-29-24.png?version=1&modificationDate=1711035062479&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-29-24.png?version=1&modificationDate=1711035062479&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191488" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-29-24.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Select the desired filter</span><span style="color: rgb(23,43,77);"> option from the<span> </span></span><strong style="text-align: left;">Metadata Filter Type</strong><span style="color: rgb(23,43,77);"><span> </span>menu.</span><span style="color: rgb(23,43,77);"> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-30-3.png?version=1&modificationDate=1711035062448&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-30-3.png?version=1&modificationDate=1711035062448&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191487" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-30-3.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span><p><strong>NOTE:</strong> Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-30-46.png?version=1&modificationDate=1711035062416&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-30-46.png?version=1&modificationDate=1711035062416&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191486" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-30-46.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Once the filter type is selected, the page will expand to display the data fields that can be entered for that filter type. The interface is similar to the provider edit interface in that there is a left-hand navigation for the different sections of the filter's definition. <br/><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><p><strong>Filter Target: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-31-29.png?version=1&modificationDate=1711035062383&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-31-29.png?version=1&modificationDate=1711035062383&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191485" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-31-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <br/><strong>Options: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-32-0.png?version=1&modificationDate=1711035062349&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-32-0.png?version=1&modificationDate=1711035062349&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191484" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-32-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Attributes: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-36-38.png?version=1&modificationDate=1711035062121&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-36-38.png?version=1&modificationDate=1711035062121&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191478" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-36-38.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p></li><li><span style="color: rgb(23,43,77);">Enter a value in the <strong>Filter Name</strong></span><span style="color: rgb(23,43,77);"><span> </span>field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-37-21.png?version=1&modificationDate=1711035062085&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-37-21.png?version=1&modificationDate=1711035062085&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191477" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-37-21.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span><span style="color: rgb(33,37,41);"><span style="color: rgb(23,43,77);">Select the <strong>Regex</strong></span><span style="color: rgb(23,43,77);"> option from the </span><strong style="text-align: left;">Search By</strong><span style="color: rgb(23,43,77);"> menu</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-38-0.png?version=1&modificationDate=1711035062051&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-38-0.png?version=1&modificationDate=1711035062051&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191476" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-38-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span></li><li><span style="color: rgb(23,43,77);">Enter a value in the <strong>Regex</strong></span><span style="color: rgb(23,43,77);"><span> </span>field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-38-33.png?version=1&modificationDate=1711035062016&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-38-33.png?version=1&modificationDate=1711035062016&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191475" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-38-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span>Once you have completed all the screens, click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-39-14.png?version=1&modificationDate=1711035061982&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-39-14.png?version=1&modificationDate=1711035061982&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191474" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-39-14.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><h4 id="SAMLMetadataConfigurationManager-AddFilterwithSearchType:Script">Add Filter with Search Type: Script</h4><p>To add an EntityAttributes filter to a metadata provider from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the page. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-39-55.png?version=1&modificationDate=1711035061948&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-39-55.png?version=1&modificationDate=1711035061948&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191473" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-39-55.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>+ Add Filter</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-40-29.png?version=1&modificationDate=1711035061915&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-40-29.png?version=1&modificationDate=1711035061915&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191472" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-40-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);">Select the desired filter</span><span style="color: rgb(23,43,77);"> option from the<span> </span></span><strong style="text-align: left;">Metadata Filter Type</strong><span style="color: rgb(23,43,77);"><span> </span>menu.</span><span style="color: rgb(23,43,77);"> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-41-0.png?version=1&modificationDate=1711035061879&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-41-0.png?version=1&modificationDate=1711035061879&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191471" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-41-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span><p><strong>NOTE:</strong> Each input on the form has a tooltip that provides additional information about the corresponding item: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-41-27.png?version=1&modificationDate=1711035061835&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-41-27.png?version=1&modificationDate=1711035061835&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191470" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-41-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>Once the filter type is selected, the page will expand to display the data fields that can be entered for that filter type. The interface is similar to the provider edit interface in that there is a left-hand navigation for the different sections of the filter's definition. <br/><p><strong>NOTE:</strong> On each page, fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field.</p><p><strong>Filter Target: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-42-2.png?version=1&modificationDate=1711035061800&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-42-2.png?version=1&modificationDate=1711035061800&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191469" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-42-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <br/><strong>Options: </strong> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-42-34.png?version=1&modificationDate=1711035061765&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-42-34.png?version=1&modificationDate=1711035061765&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191468" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-42-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><strong>Attributes: <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-44-0.png?version=1&modificationDate=1711035061695&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-44-0.png?version=1&modificationDate=1711035061695&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191466" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-44-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong></p></li><li><span style="color: rgb(23,43,77);">Enter a value in the <strong>Filter Name</strong></span><span style="color: rgb(23,43,77);"><span> </span>field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-44-40.png?version=1&modificationDate=1711035061661&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-44-40.png?version=1&modificationDate=1711035061661&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191465" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-44-40.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span><span style="color: rgb(33,37,41);"><span style="color: rgb(23,43,77);">Select the <strong>Regex</strong></span><span style="color: rgb(23,43,77);"> option from the </span><strong style="text-align: left;">Search By</strong><span style="color: rgb(23,43,77);"> menu</span>. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-45-49.png?version=1&modificationDate=1711035061598&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-45-49.png?version=1&modificationDate=1711035061598&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191463" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-45-49.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span></li><li><span style="color: rgb(23,43,77);">Enter a value in the <strong>Script</strong></span><span style="color: rgb(23,43,77);"><span> </span>field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-46-48.png?version=1&modificationDate=1711035061570&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-46-48.png?version=1&modificationDate=1711035061570&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191462" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-46-48.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span>Once you have completed all the screens, click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-47-33.png?version=1&modificationDate=1711035061545&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-47-33.png?version=1&modificationDate=1711035061545&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191461" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-47-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></li></ol><h4 id="SAMLMetadataConfigurationManager-ReorderFilters"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Reorder Filters</span></span></h4><p>To reorder filters from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the page.</li><li>Click either the UP or DOWN arrow to move a corresponding filter. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-48-11.png?version=1&modificationDate=1711035061520&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-48-11.png?version=1&modificationDate=1711035061520&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191460" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-48-11.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><h4 id="SAMLMetadataConfigurationManager-EnableFilters"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Enable Filters</span></span></h4><p>To enable filters from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the</li><li>Toggle the<span> </span><strong>Enabled</strong><span> </span><span>switch ON for the corresponding filter. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-48-45.png?version=1&modificationDate=1711035061496&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-48-45.png?version=1&modificationDate=1711035061496&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191459" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-48-45.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><p><strong>NOTE:</strong><span> </span>You can also disable the metadata provider by toggling the<span> </span><strong>Enable</strong><span> </span>switch to OFF.</p><h4 id="SAMLMetadataConfigurationManager-EditFilters"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Edit Filters</span></span></h4><p>To delete filters from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the</li><li><span>Click on the title of the desired filter to be deleted. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-50-2.png?version=1&modificationDate=1711035061471&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-50-2.png?version=1&modificationDate=1711035061471&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191458" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-50-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span>Click on the <strong>Edit</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-52-0.png?version=1&modificationDate=1711035061374&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-52-0.png?version=1&modificationDate=1711035061374&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191455" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-52-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></li><li><p><span>Make your desired edits for this section and or click on other sections to make edits to their fields.</span></p></li><li>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-52-50.png?version=1&modificationDate=1711035061348&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-52-50.png?version=1&modificationDate=1711035061348&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191454" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-52-50.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> Filters do not have a separate version number to select from version history. When metadata provider versions are selected, the filters corresponding to each metadata provider version selected are displayed below the metadata provider data at the bottom of the page. </p></li></ol><h4 id="SAMLMetadataConfigurationManager-MetadataFilterComparisonselection"><span style="color: rgb(0,51,102);">Metadata Filter Comparison selection</span></h4><p>The order of the filters may not be the same for each metadata provider. Click the checkbox next to the corresponding filters (same filter name) to compare the values for the filter. The differences will the be displayed. </p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-53-29.png?version=1&modificationDate=1711035061324&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-53-29.png?version=1&modificationDate=1711035061324&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191453" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-53-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><h4 id="SAMLMetadataConfigurationManager-.10"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-54-12.png?version=1&modificationDate=1711035061299&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_12-54-12.png?version=1&modificationDate=1711035061299&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191452" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_12-54-12.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></h4><h4 id="SAMLMetadataConfigurationManager-DeleteFilters"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Delete Filters</span></span></h4><p>To delete filters from Metadata Provider<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Either click the <strong>Filters</strong> link or scroll to the bottom of the</li><li><span>Click on the title of the desired filter to be deleted. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-24-30.png?version=1&modificationDate=1711035061273&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-24-30.png?version=1&modificationDate=1711035061273&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191451" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-24-30.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span>Click on the <strong>Delete</strong> link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-25-13.png?version=1&modificationDate=1711035061247&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-25-13.png?version=1&modificationDate=1711035061247&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191450" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-25-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span>Click the <strong>Delete</strong> button on the confirmation message.</span> </li></ol><h3 id="SAMLMetadataConfigurationManager-MetadataProviderXML">Metadata Provider XML </h3><p>To display a source's XML version from Metadata Source<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Click the<span> </span><strong>XML</strong><span> </span>link. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-33-10.png?version=1&modificationDate=1711035061220&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-33-10.png?version=1&modificationDate=1711035061220&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191449" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-33-10.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>To return to the Options view, click the Options link. <span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-33-51.png?version=1&modificationDate=1711035061192&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-33-51.png?version=1&modificationDate=1711035061192&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191448" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-33-51.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><h3 id="SAMLMetadataConfigurationManager-EditMetadataProvider">Edit Metadata Provider</h3><p>To edit the source's options from Metadata Source<strong><span> </span></strong><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>:</p><ol><li>Click on the<span> </span><strong>Edit</strong><span> </span>link for one of the source's section. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-34-28.png?version=1&modificationDate=1711035061164&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-34-28.png?version=1&modificationDate=1711035061164&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191447" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-34-28.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><p>When you click the Edit link in the Source Configuration page, the section you selected to edit is displayed on the page. The link in the left navigation is highlighted indicating the section displayed.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-35-0.png?version=1&modificationDate=1711035061138&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-35-0.png?version=1&modificationDate=1711035061138&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191446" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-35-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p></li><li><p><span>Make your desired edits for this section and or click on other sections to make edits to their fields.</span></p></li><li><p><span>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-35-34.png?version=1&modificationDate=1711035061113&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-35-34.png?version=1&modificationDate=1711035061113&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191445" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-35-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p><p><strong>NOTE:</strong><span> </span>Multiple sections can be modified prior to selecting<span> </span><strong>Save</strong><span> </span>and the modifications for all sections will be saved.</p></li></ol><p>When<span style="color: rgb(0,0,0);"> you click</span> the Edit link in the Provider Configuration page, the section <span style="color: rgb(0,0,0);">you</span> selected to edit is displayed on the page. The link in the left navigation is highlighted indicating the section displayed. The following functions can be performed on this page:</p><ul><li>Modifications can be made to the data on the page</li><li>Data can be saved by clicking the Save button. All modifications for the metadata source will be saved and the Source Configuration page will be displayed. Note: Multiple sections can be modified prior to selecting Save and the modifications for all sections will be saved.</li><li>Clicking the Cancel button will cause the Source Configuration to be displayed and all modifications made since the last Save will be ignored.</li><li>Clicking the link for another section in the left navigation will initiate the display of a new page containing the data for that section.</li></ul><p><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-36-17.png?version=1&modificationDate=1711035061087&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-36-17.png?version=1&modificationDate=1711035061087&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191444" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-36-17.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p><p><span style="color: rgb(0,0,0);">In addition to editing the information that was included during the add process for a metadata provider, Advanced Settings may also be modified. Click the Advanced Settings link in the left navigation and toggle the switch at the top of the page to unlock the fields for editing.</span></p><p>Note: <span style="color: rgb(0,0,0);">Advanced Settings</span> are an advanced function and should not normally need to be modified.</p><h2 id="SAMLMetadataConfigurationManager-.11"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-37-2.png?version=1&modificationDate=1711035061060&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-37-2.png?version=1&modificationDate=1711035061060&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191443" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-37-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h2><h2 id="SAMLMetadataConfigurationManager-DynamicRegistrationConfiguration">Dynamic Registration Configuration</h2><p><span style="color: rgb(23,43,77);">When<span style="color: rgb(0,0,0);"> you click</span> a dynamic registration's title, the Dynamic Registration Configuration screen is opened. </span><span style="color: rgb(23,43,77);">This page displays the following common information for the Dynamic Registration: </span></p><ul><li>Date and time of last saved update</li><li>Author</li><li>Group association</li><li>Enabled status</li><li>Options values</li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Assign the registration to a group</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Enable the registration</span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Delete the registration </span></span></li><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Edit the source's options</span></span></li></ul><p><span style="color: rgb(0,0,0);">Administrators can edit a dynamic registration's group association. </span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To change a registration's group association from the Dynamic Registration<strong><span> </span></strong>Configuration page: </span></span></p><h3 id="SAMLMetadataConfigurationManager-AssigntheDynamicRegistrationtoaGroup"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Assign the Dynamic Registration to a Group</span></span></h3><p><span style="color: rgb(0,0,0);">Administrators can edit a dynamic registration's group association. </span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To change a registration's group association from the Dynamic Registration<strong><span> </span></strong>Configuration page: </span></span></p><ol><li>Click in the<span> </span><strong>Group</strong><span> </span>dropdown menu to display the group list.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-44-20.png?version=1&modificationDate=1711035061035&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-44-20.png?version=1&modificationDate=1711035061035&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191442" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-44-20.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li>Click on the name of the new group from the list.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image confluence-external-resource" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/172263805/image2023-4-13_13-45-35.png?version=1&modificationDate=1681418737412&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/172263805/image2023-4-13_13-45-35.png?version=1&modificationDate=1681418737412&api=v2"></span></span><span> </span></li></ol><p><strong>NOTE:</strong><span> </span>Once a <span style="color: rgb(0,0,0);">dynamic registration</span> group association has changed, the registration is removed from the view of the original group's members, including the author.</p><h3 id="SAMLMetadataConfigurationManager-EnableaDynamicRegistrationfromtheConfigurationscreen"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Enable a Dynamic Registration from the Configuration screen</span></span></h3><p><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">To enable a registration from the Dynamic Registration<strong><span> </span></strong>Configuration page:</span></span></p><ol><li><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Click the<span> </span><strong>Enable</strong><span> </span>button</span><span style="color: rgb(0,0,0);">. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-49-39.png?version=1&modificationDate=1711035060931&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-49-39.png?version=1&modificationDate=1711035060931&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191438" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-49-39.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <span> </span></span></span><p><strong>NOTE:</strong><span> </span>The source will show Enabled now and the button has changed to<span> </span><strong>Disable</strong>.</p></li></ol><h3 id="SAMLMetadataConfigurationManager-DeletingaDynamicRegistrationfromtheConfigurationscreen">Deleting <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">a Dynamic Registration </span></span><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">from the Configuration screen</span></span></h3><p>To delete a <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">registration</span></span> from the Dynamic Registration <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>: </p><ol><li>Click the <strong>Delete</strong><span> </span>button located in the upper-right corner. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-50-14.png?version=1&modificationDate=1711035060907&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-50-14.png?version=1&modificationDate=1711035060907&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191437" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-50-14.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><span> </span><p><strong>NOTE:</strong> A confirmation modal is displayed.</p></li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.<br/><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-50-53.png?version=1&modificationDate=1711035060883&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-50-53.png?version=1&modificationDate=1711035060883&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191436" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-50-53.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/><p><strong>NOTE:</strong> Once a dynamic registration has been enabled, it cannot be deleted. </p></li></ol><ol><li><h3 id="SAMLMetadataConfigurationManager-EditaDynamicRegistration"><span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Edit a Dynamic Registration</span></span></h3><p>To edit a <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">registration</span></span> from the Dynamic Registration <span style="color: rgb(51,102,255);"><span style="color: rgb(0,0,0);">Configuration page</span></span>: </p><ol><li>Click the <strong>Edit</strong><span> </span>link located in the upper-right corner. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-51-27.png?version=1&modificationDate=1711035060859&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-51-27.png?version=1&modificationDate=1711035060859&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191435" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-51-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><p><span>Make your desired edits for this section and or click on other sections to make edits to their fields.</span></p></li><li><p><span>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-53-3.png?version=1&modificationDate=1711035060801&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_13-53-3.png?version=1&modificationDate=1711035060801&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191433" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_13-53-3.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></p></li></ol><h1 id="SAMLMetadataConfigurationManager-AdvancedFeatures">Advanced Features</h1><p><span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">The Shibboleth IdP UI has five Advanced functions:</span> </span></p><ul><li><span style="color: rgb(0,0,0);">Custom entity attributes</span></li><li><span style="color: rgb(0,0,0);">Attribute bundles</span></li><li><span style="color: rgb(0,0,0);">Groups</span></li><li><span style="color: rgb(0,0,0);">Roles</span></li><li><span style="color: rgb(0,0,0);">Shibboleth Configurations</span></li></ul><h2 id="SAMLMetadataConfigurationManager-CustomEntityAttributes"><span style="color: rgb(0,0,0);">Custom Entity Attributes</span></h2><p><span style="color: rgb(0,0,0);">Custom Entity Attributes can be added by an administrator. These attributes become options on the Relying Party Overrides section when configuring a Metadata Source or an Entity Attributes Filter. </span>The Custom Entity Attributes screen displays the custom entity attributes created in the Shibboleth IdP UI application and has the following information about them<span style="color: rgb(0,0,0);">:</span></p><ul><li><span style="color: rgb(0,0,0);">Attribute Name</span></li><li><span style="color: rgb(0,0,0);">Type</span></li><li><span style="color: rgb(0,0,0);">Help Text</span></li><li><span style="color: rgb(0,0,0);">Default Value</span></li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><p>Create a new attribute</p></li><li>Edit an existing attribute </li><li>Delete an attribute</li></ul></li></ol><h3 id="SAMLMetadataConfigurationManager-Addnewcustomentityattribute">Add new custom entity attribute</h3><p><span style="color: rgb(0,0,0);">To create a custom entity attribute:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Custom entity attribute </strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-8-35.png?version=1&modificationDate=1711035060775&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-8-35.png?version=1&modificationDate=1711035060775&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191432" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_14-8-35.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Add new attributes </strong>button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-9-6.png?version=1&modificationDate=1711035060752&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-9-6.png?version=1&modificationDate=1711035060752&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191431" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_14-9-6.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> The fields that require information to be entered are denoted by a '<span style="color: rgb(255,0,0);">*</span>' at the end of the description for the field. </p> </li><li><span style="color: rgb(33,37,41);">Enter a values for the <strong>Custom Entity Attribute Name</strong> field<span>. </span></span><p><strong>Name:</strong> The name of the entry used to uniquely identify this entry.</p><span style="color: rgb(33,37,41);"><span><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-9-42.png?version=1&modificationDate=1711035060729&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-9-42.png?version=1&modificationDate=1711035060729&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191430" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_14-9-42.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p>Each input on the form has a tooltip that provides additional information about the corresponding item: <span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="750" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-10-10.png?version=1&modificationDate=1711035060706&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-10-10.png?version=1&modificationDate=1711035060706&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191429" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_14-10-10.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p></li><li>Select an option from the <strong>Attribute Type</strong> menu. <p><strong>Attribute Type:</strong> The type to use when displaying this option.</p> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-10-39.png?version=1&modificationDate=1711035060682&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-10-39.png?version=1&modificationDate=1711035060682&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191428" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_14-10-39.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p>It is possible to create the following types of Entity Attributes:</p><p>-<strong>String</strong> (simple plain text) <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-11-20.png?version=1&modificationDate=1711035060659&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-13_14-11-20.png?version=1&modificationDate=1711035060659&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191427" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-13_14-11-20.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/>-<strong>Boolean</strong> (allows options to store as a string or boolean value) <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-35-27.png?version=1&modificationDate=1711035060636&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-35-27.png?version=1&modificationDate=1711035060636&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191426" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-35-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/>-<strong>List</strong> (list of strings with a default option) <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-36-7.png?version=1&modificationDate=1711035060613&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-36-7.png?version=1&modificationDate=1711035060613&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191425" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-36-7.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/>-<strong>Long</strong> (stored as a string) <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-36-44.png?version=1&modificationDate=1711035060590&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-36-44.png?version=1&modificationDate=1711035060590&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191424" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-36-44.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/>-<strong>Double</strong> (stored as a string) <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-37-19.png?version=1&modificationDate=1711035060560&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-37-19.png?version=1&modificationDate=1711035060560&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191423" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-37-19.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span><br/>-<strong>Duration</strong> (stored as a string in the ISO-8601 duration format) example:<strong> PT1H <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-38-0.png?version=1&modificationDate=1711035060536&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-38-0.png?version=1&modificationDate=1711035060536&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191422" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-38-0.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></strong><br/>-<strong>Spring Bean ID</strong> (stored as a string) <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-38-33.png?version=1&modificationDate=1711035060512&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-38-33.png?version=1&modificationDate=1711035060512&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191421" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-38-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li>After the attribute type has been select, enter the attribute value for the type: <p>-<strong>Default Value:</strong> One or more values to be displayed as default options in the UI<br/>-<strong>Persist Type:</strong> Optional. If it is necessary to persist something different than the override's display type, set that type here. For example, display a boolean, but persist a string.<br/>-<strong>Persist Value:</strong> Required only when Persist Type is used. Defines the value to be persisted.</p></li><li><span style="color: rgb(33,37,41);">Enter a values for the <strong>Friendly name</strong> field<span>. </span></span><p><strong>Attribute Friendly Name:</strong> This is the friendly name associated with the above attributeName.</p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-39-13.png?version=1&modificationDate=1711035060489&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-39-13.png?version=1&modificationDate=1711035060489&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191420" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-39-13.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a values for the <strong>Attribute name</strong> field<span>. </span></span><p><strong>Attribute Name: </strong>This is the name of the attribute to be used in the xml. This is assumed to be a URI.</p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-39-45.png?version=1&modificationDate=1711035060465&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-39-45.png?version=1&modificationDate=1711035060465&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191419" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-39-45.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a values for the <strong>Display name </strong>field<span>.</span></span> <p><strong>Display Name:</strong> This will normally be the label used when displaying this override in the UI.</p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-40-19.png?version=1&modificationDate=1711035060441&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-40-19.png?version=1&modificationDate=1711035060441&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191418" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-40-19.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Optional: Enter a values for the <strong>Help Text </strong>field<span>. </span></span><p><strong>Help Text:</strong> This is the help-icon hover-over text.</p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-41-8.png?version=1&modificationDate=1711035060417&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-41-8.png?version=1&modificationDate=1711035060417&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191417" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-41-8.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);"><span>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-41-48.png?version=1&modificationDate=1711035060392&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-41-48.png?version=1&modificationDate=1711035060392&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191416" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-41-48.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li></ol><p><span style="color: rgb(33,37,41);"><span>Once the <span style="color: rgb(0,0,0);">custom entity attribute has been created, the attributes will appear as an option on:</span></span></span></p><ol><li><span style="color: rgb(33,37,41);"><span><span style="color: rgb(0,0,0);">Relying Party Overrides screen for Metadata Source using the SAML protocol. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-42-20.png?version=1&modificationDate=1711035060368&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-42-20.png?version=1&modificationDate=1711035060368&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191415" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-42-20.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></span></li><li>Options screen for <span style="color: rgb(33,37,41);"><span><span style="color: rgb(0,0,0);">Entity Attributes Filter. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-42-48.png?version=1&modificationDate=1711035060343&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-42-48.png?version=1&modificationDate=1711035060343&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191414" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-42-48.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></span></li></ol><h3 id="SAMLMetadataConfigurationManager-Editacustomentityattribute">Edit a custom entity attribute</h3><p><span style="color: rgb(0,0,0);">To edit a custom entity attribute:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Custom entity attribute </strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-43-19.png?version=1&modificationDate=1711035060319&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-43-19.png?version=1&modificationDate=1711035060319&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191413" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-43-19.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click on the <strong>Edit</strong> icon. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-43-47.png?version=1&modificationDate=1711035060296&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-43-47.png?version=1&modificationDate=1711035060296&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191412" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-43-47.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><p><span>Make your desired edits and click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-44-19.png?version=1&modificationDate=1711035060271&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-44-19.png?version=1&modificationDate=1711035060271&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191411" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-44-19.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p></li></ol><h3 id="SAMLMetadataConfigurationManager-Deleteacustomentityattribute">Delete a custom entity attribute</h3><p><span style="color: rgb(0,0,0);">To create a custom entity attribute:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Custom entity attribute </strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-44-50.png?version=1&modificationDate=1711035060247&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-44-50.png?version=1&modificationDate=1711035060247&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191410" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-44-50.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click on the <strong>Delete</strong> icon. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-45-31.png?version=1&modificationDate=1711035060222&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-45-31.png?version=1&modificationDate=1711035060222&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191409" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-45-31.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the<span> </span><strong>Delete</strong><span> </span>button on the confirmation modal.</li></ol><h2 id="SAMLMetadataConfigurationManager-Attributesbundles"><span style="color: rgb(0,0,0);">Attributes bundles</span></h2><p>The Attributes Bundles screen displays the attributes bundles created in the Shibboleth IdP UI application and has the following information about them<span style="color: rgb(0,0,0);">:</span></p><ul><li><span style="color: rgb(0,0,0);">Bundle Name</span></li><li><span style="color: rgb(0,0,0);">Bundle Attributes</span></li></ul><p>On this screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><p>Create a new bundle attribute </p></li><li>Edit an existing bundle attribute </li><li>Delete a bundle attribute </li></ul><h3 id="SAMLMetadataConfigurationManager-CreateanAttributeBundle">Create an Attribute Bundle</h3><p>Attribute Release bundles can be created as a convenience feature for metadata creators. This allows an administrator to select from the list of custom attributes defined in the `application.yml` file.</p><p><span style="color: rgb(0,0,0);">To create an attribute bundle:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Attribute bundle </strong>option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-50-5.png?version=1&modificationDate=1711035060159&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-50-5.png?version=1&modificationDate=1711035060159&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191407" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-50-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click on the <strong>Add bundle</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-50-29.png?version=1&modificationDate=1711035060128&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-50-29.png?version=1&modificationDate=1711035060128&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191406" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-50-29.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(33,37,41);">Enter a values for the <strong>Bundle Name</strong> field, <span style="color: rgb(0,0,0);">used only to identify the bundle to the user in the UI.</span><span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-51-23.png?version=1&modificationDate=1711035060095&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-51-23.png?version=1&modificationDate=1711035060095&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191405" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-51-23.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></span></li><li>Check the boxes for the attributes you want to add to the bundle. T<span style="color: rgb(0,0,0);">his is a list of available attributes defined in the system.</span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-51-58.png?version=1&modificationDate=1711035060060&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-51-58.png?version=1&modificationDate=1711035060060&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191404" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-51-58.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-53-12.png?version=1&modificationDate=1711035059986&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-53-12.png?version=1&modificationDate=1711035059986&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191402" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-53-12.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </li><li><p><span style="color: rgb(0,0,0);">Mouse over the list of bundled attributes will display the full list of attributes defined in the bundle, in case the list is too long to display in the bundle list table. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-55-14.png?version=1&modificationDate=1711035059906&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-55-14.png?version=1&modificationDate=1711035059906&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191399" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-55-14.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p><p><br/></p></li></ol><p><span style="color: rgb(0,0,0);"><span style="color: rgb(33,37,41);"><span>Once the attributes bundle has been created, a</span></span> user can select these bundles when creating a new metadata source, dynamic registration, or entity attributes Filter. On the Attribute Release page, the bundles are displayed above the list of attributes. Clicking the <strong>Select Bundle</strong> button to the right of the bundle name will select the checkboxes below for the attributes in that bundle. This allows the user to select multiple attributes</span><span style="color: rgb(0,0,0);">:</span></p><ol><li><span style="color: rgb(33,37,41);"><span><span style="color: rgb(0,0,0);">Attributes Release screen for metadata source or dynamic registration. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-56-20.png?version=1&modificationDate=1711035059859&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-56-20.png?version=1&modificationDate=1711035059859&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191397" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-56-20.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span></span></li><li>Attributes screen for e<span style="color: rgb(33,37,41);"><span><span style="color: rgb(0,0,0);">ntity attributes filter. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1400" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-57-23.png?version=1&modificationDate=1711035059812&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-57-23.png?version=1&modificationDate=1711035059812&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191395" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-57-23.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span></span></li><li><span style="color: rgb(33,37,41);"><span><span style="color: rgb(0,0,0);">Clicking the check button to the right of the bundle name will select the checkboxes below for the attributes in that bundle. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-58-30.png?version=1&modificationDate=1711035059764&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_8-58-30.png?version=1&modificationDate=1711035059764&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191393" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_8-58-30.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span></span></li></ol><h2 id="SAMLMetadataConfigurationManager-Groups">Groups</h2><p>Groups can be defined by an administrator using the Groups page. Metadata sources, dynamic registrations, and users can belong to a group, and each user may have a role within the context of that group. When a user is created in the system, they are added by default to their own user group which is generated at the same time, unless a specific group is specified. When a metadata source or dynamic registration is created, that source or registration is added to the creator's group.</p><p><span style="color: rgb(23,43,77);">On the</span> Groups Management screen, the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li>Create a group</li><li>Edit a group</li><li>Delete a group - except the <strong>ADMIN-GROUP</strong>; this group is required by the system</li></ul><h3 id="SAMLMetadataConfigurationManager-Creatingagroup">Creating a group</h3><p>To create a group:</p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Groups </strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-15-58.png?version=1&modificationDate=1711035059741&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-15-58.png?version=1&modificationDate=1711035059741&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191392" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-15-58.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </li><li>Click the <strong>Add group role </strong>button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-16-36.png?version=1&modificationDate=1711035059714&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-16-36.png?version=1&modificationDate=1711035059714&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191391" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-16-36.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(23,43,77);"><span>Enter values in the </span></span><strong style="text-align: left;">Group Name </strong>and <strong>Group Description</strong><span style="color: rgb(23,43,77);"><span> </span>fields. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-17-2.png?version=1&modificationDate=1711035059684&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-17-2.png?version=1&modificationDate=1711035059684&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191390" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-17-2.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span><p><strong>NOTE:</strong> The <strong>URL validation regular expression</strong> and <strong>Approvers</strong> sections are optional.</p></li><li><span style="color: rgb(23,43,77);"><strong>OPTIONAL:</strong> Enter a value in the <strong>URL validation regular expression</strong> field. <span style="color: rgb(0,0,0);">The URL validation regex field is for administrators to define what entity IDs and assertion consumer service URLs can be targeted by members of that group. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-17-34.png?version=1&modificationDate=1711035059655&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-17-34.png?version=1&modificationDate=1711035059655&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191389" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-17-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span></span><p><strong>NOTE:</strong> During the metadata source creation process, the Entity ID and any assertion consumer service endpoint URLs will be restricted to matching the <span style="color: rgb(33,37,41);">URL validation regular expression</span> defined for the members's group. For example, here is a failed validation on the Entity ID: </p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-18-5.png?version=1&modificationDate=1711035059626&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-18-5.png?version=1&modificationDate=1711035059626&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191388" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-18-5.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> Once it has been corrected, the user can proceed with their metadata source definition:</p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" height="250" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-19-12.png?version=1&modificationDate=1711035059597&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-19-12.png?version=1&modificationDate=1711035059597&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191387" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-19-12.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>Similarly, when defining Assertion Consumer Service Endpoints, the URL will be validated against the group's RegEx:</p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-19-52.png?version=1&modificationDate=1711035059568&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-19-52.png?version=1&modificationDate=1711035059568&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191386" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-19-52.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p><p>And once it is successful, the user can proceed with their metadata source definition</p><p><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-20-27.png?version=1&modificationDate=1711035059538&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-20-27.png?version=1&modificationDate=1711035059538&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191385" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-20-27.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></p></li><li><span style="color: rgb(23,43,77);"><strong>OPTIONAL:</strong> </span>Select an option from the <strong>Approvers</strong> menu. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-20-55.png?version=1&modificationDate=1711035059509&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-20-55.png?version=1&modificationDate=1711035059509&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191384" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-20-55.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p><strong>NOTE:</strong> This provides an additional level of approval for metadata sources and dynamic registrations, granting the approver group(s) the authority to approve an un-enabled Metadata Source. </p><p>Metadata sources and dynamic registrations belonging to a group that has approval groups assigned to it cannot be enabled by a delegated enabler until it has been approved by a user from one of the approval groups.</p></li><li><span style="color: rgb(23,43,77);">Click the<span> </span></span><strong style="text-align: left;">Save</strong><span style="color: rgb(23,43,77);"><span> </span>button. </span><span style="color: rgb(23,43,77);"> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-21-30.png?version=1&modificationDate=1711035059479&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-21-30.png?version=1&modificationDate=1711035059479&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191383" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-21-30.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li></ol><p><span style="color: rgb(0,0,0);"><span style="color: rgb(23,43,77);">The Groups Management page is displayed, the new group has been added to the list, and a success message is displayed.</span></span></p><h2 id="SAMLMetadataConfigurationManager-Roles"><span style="color: rgb(0,0,0);">Roles</span></h2><p>There are three basic user roles in Shibboleth IdP UI:</p><ul><li><strong>ROLE_ADMIN:</strong> <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">A user with ROLE_ADMIN, Administrator,</span></span> is able to view, approve, enable, and modify all metadata sources, metadata providers, and dynamic registrations. They also have access to all administrative functions including the Admin dashboard, Action Required dashboard, and Advanced features. </li><li><strong>ROLE_ENABLE:</strong> A user with ROLE_ENABLE has the ability to create, edit, and enable metadata sources belonging to their group.</li><li><strong>ROLE_USER:</strong> A user with ROLE_USER has the ability to create and edit metadata sources belonging to their group, but cannot enable them.</li></ul><p>On the <strong>Role Management </strong>screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><p>Create a new role</p></li><li>Edit an existing role - except the <strong>ROLE_ADMIN</strong>; this role is required by the system</li><li>Delete a role - except the <strong>ROLE_ADMIN</strong>; this role is required by the system</li></ul><h3 id="SAMLMetadataConfigurationManager-CreatingaRole">Creating a Role</h3><p>The Administrator can create custom roles to apply to users. These custom roles define the user's capability within the group. </p><p><span style="color: rgb(0,0,0);">To create a custom role:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Roles</strong> option from the <strong>Advanced </strong>menu in the upper right navigation.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-25-34.png?version=1&modificationDate=1711035059449&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-25-34.png?version=1&modificationDate=1711035059449&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191382" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-25-34.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li>Click the <strong>Add new role </strong>button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-26-4.png?version=1&modificationDate=1711035059418&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-26-4.png?version=1&modificationDate=1711035059418&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191381" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-26-4.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Enter a value in the <strong>Role Name</strong> field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-26-33.png?version=1&modificationDate=1711035059389&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-26-33.png?version=1&modificationDate=1711035059389&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191380" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-26-33.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-27-3.png?version=1&modificationDate=1711035059359&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-27-3.png?version=1&modificationDate=1711035059359&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191379" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-27-3.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><p>The Role Management page is displayed, the new role has been added to the list, and a success message is displayed. </p><p>At this point, if the Administrator navigates to the <strong>Dashboard</strong> → <strong>Admin </strong>tab and clicks in one of the <strong>Role</strong> menu, the new role will be displayed: </p><h3 id="SAMLMetadataConfigurationManager-.12"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-27-32.png?version=1&modificationDate=1711035059329&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-27-32.png?version=1&modificationDate=1711035059329&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191378" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-27-32.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></h3><h3 id="SAMLMetadataConfigurationManager-EditaRole">Edit a Role</h3><p><span style="color: rgb(0,0,0);">To Edit a role:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Roles</strong> option from the <strong>Advanced </strong>menu in the upper right navigation.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-28-9.png?version=1&modificationDate=1711035059300&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-28-9.png?version=1&modificationDate=1711035059300&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191377" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-28-9.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li>Click the <strong>Edit</strong> icon for the desired role. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-28-38.png?version=1&modificationDate=1711035059270&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-28-38.png?version=1&modificationDate=1711035059270&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191376" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-28-38.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Edit the <strong>Role Name</strong> field and click the <strong>Save</strong> button. <p><strong>NOTE:</strong> ROLE_ADMIN cannot be edited or deleted as this role is required by the system.</p></li></ol><h3 id="SAMLMetadataConfigurationManager-DeleteaRole">Delete a Role</h3><p><span style="color: rgb(0,0,0);">To create a role:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Navigates to the <strong>Dashboard</strong> → <strong>Admin </strong>tab and verify the role you will be deleting is NOT assigned to any of the users. If it is, you will need to assign those users a new role prior to deleting their existing role.</li><li>Select the <strong>Roles</strong> option from the <strong>Advanced </strong>menu in the upper right navigation.<span> <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-29-22.png?version=1&modificationDate=1711035059241&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-29-22.png?version=1&modificationDate=1711035059241&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191375" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-29-22.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li>Click <strong>Delete</strong> icon for the desired role. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-29-49.png?version=1&modificationDate=1711035059210&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-29-49.png?version=1&modificationDate=1711035059210&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191374" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-29-49.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the Delete button on the confirmation popup. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-30-18.png?version=1&modificationDate=1711035059179&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-30-18.png?version=1&modificationDate=1711035059179&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191373" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-30-18.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><h2 id="SAMLMetadataConfigurationManager-ConfigurationSets"><span style="color: rgb(0,0,0);">Configuration Sets </span></h2><p><span style="color: rgb(23,43,77);">The Shibboleth IdP UI has built a registry of all supported properties. </span>Administrator can create Shibboleth configuration sets to group these properties for different Shibboleth instances/environments. For example: Development, QA, Productions.</p><p>On the <strong>Manage Shibboleth configurations</strong> screen the <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);">Administrator can perform the following functions:</span></span></p><ul><li><p>Create a new configuration set </p></li><li>Edit an existing configuration set </li><li>Delete a configuration set </li></ul><h3 id="SAMLMetadataConfigurationManager-CreateConfigurationSets"><span style="color: rgb(0,0,0);">Create Configuration Sets</span></h3><p><span style="color: rgb(0,0,0);">To create a configuration set:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Shibboleth Configurations</strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-34-37.png?version=1&modificationDate=1711035059147&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-34-37.png?version=1&modificationDate=1711035059147&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191372" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-34-37.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Create Shibboleth configuration set </strong>button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-35-16.png?version=1&modificationDate=1711035059118&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-35-16.png?version=1&modificationDate=1711035059118&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191371" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-35-16.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Enter a value for the <strong>Name </strong>field. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-35-52.png?version=1&modificationDate=1711035059089&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-35-52.png?version=1&modificationDate=1711035059089&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191370" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-35-52.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li><span style="color: rgb(0,0,0);">Click in the <strong>Add properties</strong> dropdown menu to display the available properties. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-36-28.png?version=1&modificationDate=1711035059059&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-36-28.png?version=1&modificationDate=1711035059059&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191369" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-36-28.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li><span style="color: rgb(0,0,0);">Select one or more properties and click the <strong>Add</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-36-57.png?version=1&modificationDate=1711035059030&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-36-57.png?version=1&modificationDate=1711035059030&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191368" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-36-57.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> </span><p><strong>NOTE:</strong> Once a property has been added, the option is removed from the <strong>Add properties</strong> menu.</p></li><li><span style="color: rgb(0,0,0);"><strong>OPTIONAL:</strong> Populate the <strong>Value</strong> fields for the properties added in the previous step. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-37-36.png?version=1&modificationDate=1711035059000&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-37-36.png?version=1&modificationDate=1711035059000&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191367" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-37-36.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></li><li>Click the <strong>Save</strong> button. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-38-14.png?version=1&modificationDate=1711035058970&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-38-14.png?version=1&modificationDate=1711035058970&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191366" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-38-14.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><h3 id="SAMLMetadataConfigurationManager-DownloadConfigurationSetFiles"><span style="color: rgb(0,0,0);">Download Configuration Set Files</span></h3><p><span style="color: rgb(0,0,0);">Once a configuration set has been created, the files from the set can be downloaded in two ways:</span></p><ul><li><span style="color: rgb(0,0,0);">Single File</span></li><li><span style="color: rgb(0,0,0);">Separated Files</span></li></ul><p><span style="color: rgb(0,0,0);"><span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-39-9.png?version=1&modificationDate=1711035058935&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-39-9.png?version=1&modificationDate=1711035058935&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191365" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-39-9.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></span></p><h3 id="SAMLMetadataConfigurationManager-EditShibbolethConfigurations"><span style="color: rgb(0,0,0);">Edit Shibboleth Configurations</span></h3><p><span style="color: rgb(0,0,0);">To edit a configuration set:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Shibboleth Configurations</strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-39-51.png?version=1&modificationDate=1711035058897&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-39-51.png?version=1&modificationDate=1711035058897&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191364" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-39-51.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the corresponding <strong>Edit</strong> button for the configuration set to be edited. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-40-26.png?version=1&modificationDate=1711035058859&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-40-26.png?version=1&modificationDate=1711035058859&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191363" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-40-26.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span> <p>The Edit configuration set screen is displayed. Here the Administrator can:</p><p><strong>-Edit the Name field</strong><br/><strong>-Add or remove properties</strong><br/><strong>-Edit the Value field for the selected properties</strong></p></li><li>Once the changes have been made, click the <strong>Save</strong><span style="color: rgb(0,0,0);"> button.</span></li></ol><h3 id="SAMLMetadataConfigurationManager-DeleteShibbolethConfigurations">Delete Shibboleth Configurations</h3><p><span style="color: rgb(0,0,0);">To edit a configuration set:</span></p><ol><li>Log into Shibboleth IdP UI as an <span style="color: rgb(0,0,255);"><span style="color: rgb(0,0,0);"><em>Administrator</em>.</span></span></li><li>Select the <strong>Shibboleth Configurations</strong> option from the <strong>Advanced </strong>menu in the upper right navigation. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-41-9.png?version=1&modificationDate=1711035058822&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-41-9.png?version=1&modificationDate=1711035058822&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191362" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-41-9.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the corresponding <strong>Delete</strong> button for the configuration set to be deleted. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-41-39.png?version=1&modificationDate=1711035054226&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-41-39.png?version=1&modificationDate=1711035054226&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191361" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-41-39.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li><li>Click the <strong>Delete</strong> button on the confirmation popup. <span class="confluence-embedded-file-wrapper confluence-embedded-manual-size"><img class="confluence-embedded-image" draggable="false" width="1000" src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-42-6.png?version=1&modificationDate=1711035054168&api=v2" data-image-src="https://spaces.at.internet2.edu/download/attachments/294191359/image2023-4-14_10-42-6.png?version=1&modificationDate=1711035054168&api=v2" data-unresolved-comment-count="0" data-linked-resource-id="294191360" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="image2023-4-14_10-42-6.png" data-base-url="https://spaces.at.internet2.edu" data-linked-resource-content-type="image/png" data-linked-resource-container-id="294191359" data-linked-resource-container-version="1" alt=""></span></li></ol><p><br/></p><p><strong>End of User Guide</strong></p><p><br/></p><p><br/></p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/display/SMMU/SAML+Metadata+Configuration+Manager">View Online</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:30:53ZSAML Metadata Configuration Manager > image2020-9-10_10-30-38.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191859-12024-03-21T15:31:12Z2024-03-21T15:31:12Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_10-30-38.png?version=1&modificationDate=1711035072044&api=v2">image2020-9-10_10-30-38.png</a> <span class="smalltext">(59 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:12ZSAML Metadata Configuration Manager > image2020-9-10_14-46-2.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191858-12024-03-21T15:31:12Z2024-03-21T15:31:12Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-46-2.png?version=1&modificationDate=1711035072017&api=v2">image2020-9-10_14-46-2.png</a> <span class="smalltext">(64 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:12ZSAML Metadata Configuration Manager > image2020-9-10_14-47-42.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191857-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-47-42.png?version=1&modificationDate=1711035071987&api=v2">image2020-9-10_14-47-42.png</a> <span class="smalltext">(73 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-10_14-49-7.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191856-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-49-7.png?version=1&modificationDate=1711035071964&api=v2">image2020-9-10_14-49-7.png</a> <span class="smalltext">(73 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-10_14-50-2.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191855-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-50-2.png?version=1&modificationDate=1711035071938&api=v2">image2020-9-10_14-50-2.png</a> <span class="smalltext">(67 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-10_14-51-1.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191854-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-51-1.png?version=1&modificationDate=1711035071915&api=v2">image2020-9-10_14-51-1.png</a> <span class="smalltext">(50 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-10_14-55-16.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191853-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-55-16.png?version=1&modificationDate=1711035071891&api=v2">image2020-9-10_14-55-16.png</a> <span class="smalltext">(40 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-10_14-56-11.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191852-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-56-11.png?version=1&modificationDate=1711035071866&api=v2">image2020-9-10_14-56-11.png</a> <span class="smalltext">(63 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-10_14-57-58.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191851-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-10_14-57-58.png?version=1&modificationDate=1711035071838&api=v2">image2020-9-10_14-57-58.png</a> <span class="smalltext">(70 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-11_10-9-57.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191850-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-11_10-9-57.png?version=1&modificationDate=1711035071814&api=v2">image2020-9-11_10-9-57.png</a> <span class="smalltext">(64 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-11_10-40-17.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191849-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-11_10-40-17.png?version=1&modificationDate=1711035071788&api=v2">image2020-9-11_10-40-17.png</a> <span class="smalltext">(55 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-11_10-41-42.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191848-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-11_10-41-42.png?version=1&modificationDate=1711035071765&api=v2">image2020-9-11_10-41-42.png</a> <span class="smalltext">(69 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11ZSAML Metadata Configuration Manager > image2020-9-11_10-43-26.pngvicky.crowley.2@at.internet2.edutag:spaces.at.internet2.edu,2009:attachment-294191847-12024-03-21T15:31:11Z2024-03-21T15:31:11Z<div class="feed"> <p>File
<b>attached</b> by
<a href=" https://spaces.at.internet2.edu/display/~vicky.crowley.2@at.internet2.edu
">vicky.crowley.2@at.internet2.edu</a>
</p>
<div style="border-top: 1px solid #ddd; border-bottom: 1px solid #ddd; padding: 10px;">
<p>
<span class="aui-icon content-type-attachment-image" title="PNG File">PNG File</span> <a href="https://spaces.at.internet2.edu/download/attachments/294191359/image2020-9-11_10-43-26.png?version=1&modificationDate=1711035071739&api=v2">image2020-9-11_10-43-26.png</a> <span class="smalltext">(70 kB)</span>
<br/>
</p>
</div>
<div style="padding: 10px 0;">
<a href="https://spaces.at.internet2.edu/pages/viewpageattachments.action?pageId=294191359">View Attachments</a>
</div>
</div>vicky.crowley.2@at.internet2.edu2024-03-21T15:31:11Z