Provide the module metadata to IdP

  • Service Provider Metadata is an XML document that contains the necessary information, such as the Entity ID, ACS URL, X.509 Certificate, and supported SAML bindings for interaction with the Identity Provider. The Service Provider Metadata tab of the module allows you to provide metadata in three different formats, as supported by the IdP.

  • To configure miniOrange on your IdP, you have three options:

  1. Using URL: URL format: https://{your_base_url}/saml_metadata

  2. Using XML File: Download the file using the Download XML Metadata button.

  3. Manual: Here is a quick description of the SAML attributes that should be configured on the Identity Provider to build the trust for authentication. You can copy the values of the attributes and provide them to the IdP.

| Attribute Name | Description |
|---|---|
| SP Entity ID/Issuer | It is the ID used by the Identity Provider to uniquely identify the service provider. |
| SP ACS URL, Recipient URL, Destination URL | It is the URL of the service provider that is requesting the assertion from the identity provider. |
| Single Logout URL | This is the URL of the service provider where the IdP sends its sign-out response. |
| X.509 Certificate | X.509 Certificate is used by the IdPs to validate the requests. Some IdPs mandate the SPs to send signed requests so that they can verify that the requests are coming from the expected SPs. |
| NameID Format | NameID Format decides how the users at identity providers are mapped to users at service providers during SSO. Format: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified |

Additional Settings:

  1. Change SP Base URLs (Optional)
  • On the same page, below the SP metadata, there is an option to change the base URL and the Entity ID of the Service Provider. Updating either of these also updates the URLs in the metadata, so you need to re-configure the SP metadata in the IdP.
    • SP Base URL: All SAML endpoints of the service provider are generated based on the base URL of the site. If a different base URL is needed, use this option.
    • SP Entity ID: Entity ID used by the Identity Provider to uniquely identify the service provider. Use this option if you want a different value than the default value.
  2. Metadata organization details (Optional)
  • This section allows you to customize organization details in the service provider metadata. Updating these also updates the SP metadata, so you need to re-configure the SP metadata in the IdP.

Configurable Options:

  1. Organization Name
  2. Organization display name
  3. Organization URL
  4. Technical contact person name
  5. Technical contact person email
  6. Support contact person name
  7. Support contact email
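
The manual attribute table and the note about re-configuring the IdP after changing the SP Base URL or Entity ID can be checked mechanically. The following is an added example, not miniOrange code: it reads SP metadata XML, extracts the values the IdP stores, and lists which ones have drifted. The host names, the `/acs` and `/slo` paths, and the certificate bytes are constructed placeholders.

```python
import base64, hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample SP metadata; host, paths and certificate bytes are placeholders.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://sp.example.test">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>cGxhY2Vob2xkZXI=</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleLogoutService Location="https://sp.example.test/slo"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
    <md:AssertionConsumerService index="0" Location="https://sp.example.test/acs"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def sp_trust_fields(xml_text):
    """Extract the values an IdP stores to trust this SP."""
    if "<!DOCTYPE" in xml_text:  # refuse DTDs so entity tricks never reach the parser
        raise ValueError("DOCTYPE not allowed in SAML metadata")
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    cert_b64 = sp.findtext(".//ds:X509Certificate", namespaces=NS)
    der = base64.b64decode("".join(cert_b64.split()))
    return {
        "entity_id": root.get("entityID"),
        "acs_url": sp.find("md:AssertionConsumerService", NS).get("Location"),
        "slo_url": sp.find("md:SingleLogoutService", NS).get("Location"),
        "nameid_format": sp.findtext("md:NameIDFormat", namespaces=NS),
        "cert_sha256": hashlib.sha256(der).hexdigest(),
    }

def drift(registered, current):
    """Fields where the IdP's stored copy no longer matches the SP metadata."""
    return sorted(k for k in current if registered.get(k) != current[k])

if __name__ == "__main__":
    at_idp = sp_trust_fields(SAMPLE)  # what the IdP was configured with
    # Simulate changing the SP Base URL and Entity ID in the module.
    now = sp_trust_fields(SAMPLE.replace("sp.example.test", "login.example.test"))
    print("re-configure at IdP:", drift(at_idp, now))
```

Comparing the certificate by SHA-256 fingerprint rather than by its base64 text avoids false mismatches caused by line wrapping in the metadata.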