SAML 2.0 Requirements for Service Providers - Metadata
SAML 2.0 Requirements for Service Providers - Metadata
The following tables outline the supported SAML 2.0 elements required for service providers using Cloud Access Service (CAS) as an IdP to manage authentication. Provide this information to your application administrators.
SP Metadata
| <md:EntityDescriptor> Attribute or Element | Status and Supported Values |
|---|---|
| ID | Optional |
| entityID | Required |
| validUntil | Optional |
| cacheDuration | Not supported. Ignored. |
| <ds:Signature> | Not supported. Ignored. |
| <md:Extensions> | Not supported. Ignored. |
| <md:SPSSODescriptor> | Optional |
| ID | Optional |
| validUntil | Optional |
| cacheDuration | Not supported. Ignored. |
| protocolSupportEnumeration | Not supported. Ignored. |
| errorURL | Not supported. Ignored. |
| AuthnRequestsSigned | Optional Value: true/false |
| WantAssertionsSigned | Optional Value: true/false |
| <ds:Signature> | Not supported. Ignored. |
| <md:Extensions> | Not supported. Ignored. |
| <md:KeyDescriptor> | Optional |
| <md:KeyTypes> | Required Value: signing |
| <ds:KeyInfo> | Required |
<ds:KeyName> | Required |
<ds:X509Data> | Required Values: <ds:X509SubjectName> <ds:X509Certificate> |
| <md:EncryptionMethod> | Not supported. Ignored. |
| <md:Organization> | Not supported. Ignored. |
| <md:ContactPerson> | Not supported. Ignored. |
| <md:ArtifactResolutionService> | Not supported. Ignored. |
| <md:SingleLogoutService> | Not supported. Ignored. |
| <md:ManageNameIDService> | Not supported. Ignored. |
| <md:NameIDFormat> | Not supported. Ignored. |
| <md:AssertionConsumerService> | Optional |
| Binding | Optional |
| Location | Optional |
| ResponseLocation | Optional |
| index | Not supported. Ignored. |
| isDefault | Optional Value: true |
| <md:AttributeConsumingService> | Not supported. Ignored. |
| <md:RequestedAttribute> | Not supported. Ignored. |
| <md:Organization> | Not supported. Ignored. |
| <md:ContactPerson> | Not supported. Ignored. |
| <md:AdditionalMetadataLocation> | Not supported. Ignored. |
IdP Metadata
| <md:EntityDescriptor> Attribute or Element | Status and Supported Values |
|---|---|
| ID | Provided |
| entityID | Provided |
| validUntil | Not provided |
| cacheDuration | Not provided |
| <ds:Signature> | Provided |
| <md:Extensions> | Not provided |
| <md:IDPSSODescriptor> | Provided |
| ID | Optional |
| validUntil | Not provided |
| cacheDuration | Not provided |
| protocolSupportEnumeration | Provided Value: urn:oasis:names:tc:SAML:2.0:protocol |
| errorURL | Not provided |
| WantAuthnRequestsSigned | Provided Value: true/false |
| <ds:Signature> | Not provided |
| <md:Extensions> | Not provided |
| <md:KeyDescriptor> | Provided |
| use | Provided Value: signing |
| <ds:KeyInfo> | Provided |
<ds:KeyName> | Provided |
<ds:X509Data> | Provided Values: <ds:X509SubjectName> <ds:X509Certificate> |
| <md:EncryptionMethod> | Not provided |
| <md:Organization> | May be provided |
| <md:OrganizationName> | May be provided |
| <md:OrganizationDisplayName> | May be provided |
| <md:OrganizationURL> | May be provided |
| <md:Extensions> | Not provided |
| <md:ContactPerson> | May be provided |
| contactType | Provided Value: Other |
| <md:Company> | Not provided |
| <md:GivenName> | May be provided |
| <md:SurName> | May be provided |
| <md:EmailAddress> | May be provided |
| <md:TelephoneNumber> | May be provided |
| <md:Extensions> | Not provided |
| <md:ArtifactResolutionService> | Not provided |
| <md:SingleLogoutService> | Provided |
| Binding | Provided Values: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST |
| Location | Provided |
| ResponseLocation | Not provided |
| <md:ManageNameIDService> | Not provided |
| <md:NameIDFormat> | Not supported. Ignored. |
| <md:AssertionConsumerService> | Not provided |
| <md:AttributeConsumingService> | Not provided |
| <md:RequestedAttribute> | Not provided |
| <md:Organization> | Not provided |
| <md:ContactPerson> | Not provided |
| <md:AdditionalMetadataLocation> | Not provided |
Related Articles
SAML 2.0 Requirements for Service Providers Number of Views SAML 2.0 Requirements for Service Providers - Supported RequestedAuthnContext Examples Number of Views SAML 2.0 Requirements for Service Providers - AuthnRequest Number of Views SAML 2.0 Requirements for Service Providers - Response and Assertion Number of Views Set Requirements for Security Questions Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
