SAML 2.0 Requirements for Service Providers - Metadata
SAML 2.0 Requirements for Service Providers - Metadata
The following tables outline the supported SAML 2.0 elements required for service providers using Cloud Access Service (CAS) as an IdP to manage authentication. Provide this information to your application administrators.
SP Metadata
| <md:EntityDescriptor> Attribute or Element | Status and Supported Values |
|---|---|
| ID | Optional |
| entityID | Required |
| validUntil | Optional |
| cacheDuration | Not supported. Ignored. |
| <ds:Signature> | Not supported. Ignored. |
| <md:Extensions> | Not supported. Ignored. |
| <md:SPSSODescriptor> | Optional |
| ID | Optional |
| validUntil | Optional |
| cacheDuration | Not supported. Ignored. |
| protocolSupportEnumeration | Not supported. Ignored. |
| errorURL | Not supported. Ignored. |
| AuthnRequestsSigned | Optional Value: true/false |
| WantAssertionsSigned | Optional Value: true/false |
| <ds:Signature> | Not supported. Ignored. |
| <md:Extensions> | Not supported. Ignored. |
| <md:KeyDescriptor> | Optional |
| <md:KeyTypes> | Required Value: signing |
| <ds:KeyInfo> | Required |
<ds:KeyName> | Required |
<ds:X509Data> | Required Values: <ds:X509SubjectName> <ds:X509Certificate> |
| <md:EncryptionMethod> | Not supported. Ignored. |
| <md:Organization> | Not supported. Ignored. |
| <md:ContactPerson> | Not supported. Ignored. |
| <md:ArtifactResolutionService> | Not supported. Ignored. |
| <md:SingleLogoutService> | Not supported. Ignored. |
| <md:ManageNameIDService> | Not supported. Ignored. |
| <md:NameIDFormat> | Not supported. Ignored. |
| <md:AssertionConsumerService> | Optional |
| Binding | Optional |
| Location | Optional |
| ResponseLocation | Optional |
| index | Not supported. Ignored. |
| isDefault | Optional Value: true |
| <md:AttributeConsumingService> | Not supported. Ignored. |
| <md:RequestedAttribute> | Not supported. Ignored. |
| <md:Organization> | Not supported. Ignored. |
| <md:ContactPerson> | Not supported. Ignored. |
| <md:AdditionalMetadataLocation> | Not supported. Ignored. |
IdP Metadata
| <md:EntityDescriptor> Attribute or Element | Status and Supported Values |
|---|---|
| ID | Provided |
| entityID | Provided |
| validUntil | Not provided |
| cacheDuration | Not provided |
| <ds:Signature> | Provided |
| <md:Extensions> | Not provided |
| <md:IDPSSODescriptor> | Provided |
| ID | Optional |
| validUntil | Not provided |
| cacheDuration | Not provided |
| protocolSupportEnumeration | Provided Value: urn:oasis:names:tc:SAML:2.0:protocol |
| errorURL | Not provided |
| WantAuthnRequestsSigned | Provided Value: true/false |
| <ds:Signature> | Not provided |
| <md:Extensions> | Not provided |
| <md:KeyDescriptor> | Provided |
| use | Provided Value: signing |
| <ds:KeyInfo> | Provided |
<ds:KeyName> | Provided |
<ds:X509Data> | Provided Values: <ds:X509SubjectName> <ds:X509Certificate> |
| <md:EncryptionMethod> | Not provided |
| <md:Organization> | May be provided |
| <md:OrganizationName> | May be provided |
| <md:OrganizationDisplayName> | May be provided |
| <md:OrganizationURL> | May be provided |
| <md:Extensions> | Not provided |
| <md:ContactPerson> | May be provided |
| contactType | Provided Value: Other |
| <md:Company> | Not provided |
| <md:GivenName> | May be provided |
| <md:SurName> | May be provided |
| <md:EmailAddress> | May be provided |
| <md:TelephoneNumber> | May be provided |
| <md:Extensions> | Not provided |
| <md:ArtifactResolutionService> | Not provided |
| <md:SingleLogoutService> | Provided |
| Binding | Provided Values: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST |
| Location | Provided |
| ResponseLocation | Not provided |
| <md:ManageNameIDService> | Not provided |
| <md:NameIDFormat> | Not supported. Ignored. |
| <md:AssertionConsumerService> | Not provided |
| <md:AttributeConsumingService> | Not provided |
| <md:RequestedAttribute> | Not provided |
| <md:Organization> | Not provided |
| <md:ContactPerson> | Not provided |
| <md:AdditionalMetadataLocation> | Not provided |
Related Articles
SAML 2.0 Requirements for Service Providers - AuthnRequest Number of Views SAML 2.0 Requirements for Service Providers - Supported RequestedAuthnContext Examples Number of Views SAML 2.0 Requirements for Service Providers Number of Views Identity Router DNS Requirements Number of Views SAML 2.0 Requirements for Service Providers - Response and Assertion Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
