SAML 2.0 Requirements for Service Providers - Metadata
SAML 2.0 Requirements for Service Providers - Metadata
The following tables outline the supported SAML 2.0 elements required for service providers using Cloud Access Service (CAS) as an IdP to manage authentication. Provide this information to your application administrators.
SP Metadata
| <md:EntityDescriptor> Attribute or Element | Status and Supported Values |
|---|---|
| ID | Optional |
| entityID | Required |
| validUntil | Optional |
| cacheDuration | Not supported. Ignored. |
| <ds:Signature> | Not supported. Ignored. |
| <md:Extensions> | Not supported. Ignored. |
| <md:SPSSODescriptor> | Optional |
| ID | Optional |
| validUntil | Optional |
| cacheDuration | Not supported. Ignored. |
| protocolSupportEnumeration | Not supported. Ignored. |
| errorURL | Not supported. Ignored. |
| AuthnRequestsSigned | Optional Value: true/false |
| WantAssertionsSigned | Optional Value: true/false |
| <ds:Signature> | Not supported. Ignored. |
| <md:Extensions> | Not supported. Ignored. |
| <md:KeyDescriptor> | Optional |
| <md:KeyTypes> | Required Value: signing |
| <ds:KeyInfo> | Required |
<ds:KeyName> | Required |
<ds:X509Data> | Required Values: <ds:X509SubjectName> <ds:X509Certificate> |
| <md:EncryptionMethod> | Not supported. Ignored. |
| <md:Organization> | Not supported. Ignored. |
| <md:ContactPerson> | Not supported. Ignored. |
| <md:ArtifactResolutionService> | Not supported. Ignored. |
| <md:SingleLogoutService> | Not supported. Ignored. |
| <md:ManageNameIDService> | Not supported. Ignored. |
| <md:NameIDFormat> | Not supported. Ignored. |
| <md:AssertionConsumerService> | Optional |
| Binding | Optional |
| Location | Optional |
| ResponseLocation | Optional |
| index | Not supported. Ignored. |
| isDefault | Optional Value: true |
| <md:AttributeConsumingService> | Not supported. Ignored. |
| <md:RequestedAttribute> | Not supported. Ignored. |
| <md:Organization> | Not supported. Ignored. |
| <md:ContactPerson> | Not supported. Ignored. |
| <md:AdditionalMetadataLocation> | Not supported. Ignored. |
IdP Metadata
| <md:EntityDescriptor> Attribute or Element | Status and Supported Values |
|---|---|
| ID | Provided |
| entityID | Provided |
| validUntil | Not provided |
| cacheDuration | Not provided |
| <ds:Signature> | Provided |
| <md:Extensions> | Not provided |
| <md:IDPSSODescriptor> | Provided |
| ID | Optional |
| validUntil | Not provided |
| cacheDuration | Not provided |
| protocolSupportEnumeration | Provided Value: urn:oasis:names:tc:SAML:2.0:protocol |
| errorURL | Not provided |
| WantAuthnRequestsSigned | Provided Value: true/false |
| <ds:Signature> | Not provided |
| <md:Extensions> | Not provided |
| <md:KeyDescriptor> | Provided |
| use | Provided Value: signing |
| <ds:KeyInfo> | Provided |
<ds:KeyName> | Provided |
<ds:X509Data> | Provided Values: <ds:X509SubjectName> <ds:X509Certificate> |
| <md:EncryptionMethod> | Not provided |
| <md:Organization> | May be provided |
| <md:OrganizationName> | May be provided |
| <md:OrganizationDisplayName> | May be provided |
| <md:OrganizationURL> | May be provided |
| <md:Extensions> | Not provided |
| <md:ContactPerson> | May be provided |
| contactType | Provided Value: Other |
| <md:Company> | Not provided |
| <md:GivenName> | May be provided |
| <md:SurName> | May be provided |
| <md:EmailAddress> | May be provided |
| <md:TelephoneNumber> | May be provided |
| <md:Extensions> | Not provided |
| <md:ArtifactResolutionService> | Not provided |
| <md:SingleLogoutService> | Provided |
| Binding | Provided Values: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST |
| Location | Provided |
| ResponseLocation | Not provided |
| <md:ManageNameIDService> | Not provided |
| <md:NameIDFormat> | Not supported. Ignored. |
| <md:AssertionConsumerService> | Not provided |
| <md:AttributeConsumingService> | Not provided |
| <md:RequestedAttribute> | Not provided |
| <md:Organization> | Not provided |
| <md:ContactPerson> | Not provided |
| <md:AdditionalMetadataLocation> | Not provided |
Related Articles
SAML 2.0 Requirements for Service Providers Number of Views SAML 2.0 Requirements for Service Providers - AuthnRequest Number of Views SAML 2.0 Requirements for Service Providers - Supported RequestedAuthnContext Examples Number of Views SAML 2.0 Requirements for Service Providers - Response and Assertion Number of Views Identity Router DNS Requirements Number of Views
Trending Articles
RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide Troubleshooting RSA MFA Agent for Microsoft Windows Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory
Don't see what you're looking for?
