Metadata File Configuration Description - Fluid Topics - 3.7

Fluid Topics Integration Guide

Operating system: Debian
Category: Reference Guides
Audience: public
Version: 3.7

The metadata file is generally provided by the Identity Provider. Sometimes the Identity Provider cannot provide its metadata file, or cannot generate it without the Service Provider metadata file (generated here). In that case, the following template file, which contains placeholders, can be used.

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                     entityID="$IDP_ENTITY_ID">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>
            $BASE64_PUBLIC_CERTIFICATE
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>
            $BASE64_PUBLIC_CERTIFICATE
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                            Location="$LOGIN_PAGE_URL"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>

Where:

  • $IDP_ENTITY_ID is the entity ID (or issuer ID).
  • $BASE64_PUBLIC_CERTIFICATE is the public certificate encoded with the base64 algorithm.
  • $LOGIN_PAGE_URL is the login page URL.
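One way to fill in the three placeholders safely, as an added example that is not part of the Fluid Topics documentation: it strips the PEM armor from the certificate, XML-escapes the two attribute values, and checks that the result is well-formed. The function names `cert_body` and `fill_metadata` are hypothetical, it assumes the Identity Provider certificate is available in PEM form, and the sample values are constructed.

```python
import base64
import binascii
import re
import xml.etree.ElementTree as ET
from string import Template
from xml.sax.saxutils import escape

# Same elements as the template above; string.Template uses the same $NAME syntax.
TEMPLATE = Template("""<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="$IDP_ENTITY_ID">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>$BASE64_PUBLIC_CERTIFICATE</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>$BASE64_PUBLIC_CERTIFICATE</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="$LOGIN_PAGE_URL"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
""")

def cert_body(pem: str) -> str:
    """Strip PEM armor and whitespace; return the bare base64 body."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----|\s+", "", pem)
    try:
        der = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError("certificate is not valid base64") from exc
    if not der.startswith(b"\x30"):  # a DER certificate starts with a SEQUENCE tag
        raise ValueError("decoded data is not a DER structure")
    return body

def fill_metadata(entity_id: str, pem_cert: str, login_url: str) -> str:
    """Substitute the placeholders; a missing one raises KeyError."""
    quot = {'"': "&quot;"}  # both values land inside double-quoted attributes
    xml = TEMPLATE.substitute(
        IDP_ENTITY_ID=escape(entity_id, quot),
        BASE64_PUBLIC_CERTIFICATE=cert_body(pem_cert),
        LOGIN_PAGE_URL=escape(login_url, quot))
    ET.fromstring(xml)  # raises ParseError if the result is not well-formed
    return xml

if __name__ == "__main__":
    # Constructed DER stub, not a real certificate; URLs are placeholders.
    stub = base64.encodebytes(b"\x30\x03\x02\x01\x01").decode()
    pem = f"-----BEGIN CERTIFICATE-----\n{stub}-----END CERTIFICATE-----\n"
    print(fill_metadata("https://idp.example.com/entity", pem, "https://idp.example.com/login?a=1&b=2"))
```

The check only confirms that the certificate value decodes to a DER structure; it does not verify that the certificate is the one the Identity Provider actually signs with.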