Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
SAML IdP metadata example 1
<EntityDescriptor entityID="https://idp.example.com/idp/shibboleth">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">idp.example.com</shibmd:Scope>
<mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:DisplayName xml:lang="ja">idp-example</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">idp-example Inc.</mdui:DisplayName>
<mdui:Logo height="75" width="200">http://www.idp-example.co.jp/images/logo.png</mdui:Logo>
<mdui:InformationURL xml:lang="ja">http://www.idp-example.co.jp/</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">http://www.idp-example.co.jp/</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="ja">http://www.idp-example.co.jp/</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="en">http://www.idp-example.co.jp/</mdui:PrivacyStatementURL>
<mdui:Keywords xml:lang="en">category:location:others</mdui:Keywords>
</mdui:UIInfo>
<mdui:DiscoHints xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
<mdui:IPHint>xxx.xxx.xxx.xxx/32</mdui:IPHint>
<mdui:IPHint>yyy.yyy.yyy.yyy/32</mdui:IPHint>
<mdui:DomainHint>www.idp-example.co.jp</mdui:DomainHint>
<mdui:DomainHint>idp.example.com</mdui:DomainHint>
</mdui:DiscoHints>
</Extensions>
<KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIISOMECERTSM9Xvw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<shibmd:Scope regexp="false" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">idp.example.com</shibmd:Scope>
</Extensions>
<KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIISOMECERTSM9Xvw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
</AttributeAuthorityDescriptor>
</EntityDescriptor>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment