SAML 2.0 IdP Metadata

Here is the metadata that simpleSAMLphp has generated for you. You may send this metadata document to trusted partners to setup a trusted federation.

You can get the metadata xml on a dedicated URL:

Metadata

In SAML 2.0 Metadata XML format:

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="hpss.login.school.nz">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIICQzCCAawCCQCkSkkXsGQU+jANBgkqhkiG9w0BAQUFADBmMQswCQYDVQQGEwJOWjETMBEGA1UECBMKV2VpbGxuZ3RvbjEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYDVQQDExZzY2hvb2wubG9naW4uc2Nob29sLm56MB4XDTExMDIwOTIzMzA1NFoXDTM4MDYyNjIzMzA1NFowZjELMAkGA1UEBhMCTloxEzARBgNVBAgTCldlaWxsbmd0b24xITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GA1UEAxMWc2Nob29sLmxvZ2luLnNjaG9vbC5uejCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxM2BE5P3bvL7qMWsxWEXLmpoHO1d9LjEiYVIkP8IC/vU62kFDN065Kktic10Um9gn186lFnYJsNXDRTc0Fuw2xHl21tyUnxWpCw/pFWi4Modez8NBmVR3+QsCJhPg1ZzYtUteHA3rPzhiIuobNf2XrEhFTQnvkeHbbR3BWRHBWcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBBJC3izF1A0ztVh/vCyWiJ6BpVpQtsh4929C+NTcghxv2JKTEd9bSTaPk0S+wPn807dlZ4sNbdy4O1RmIe/yQNIjiN7Pym+O3q8DP9heIZ7u/hq/SnbrxuGRNfeeMleR7s5BrX4xCerJ+G6+WjbVZa4SKRSIks3v8n9x8NkhWkzg==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIICQzCCAawCCQCkSkkXsGQU+jANBgkqhkiG9w0BAQUFADBmMQswCQYDVQQGEwJOWjETMBEGA1UECBMKV2VpbGxuZ3RvbjEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYDVQQDExZzY2hvb2wubG9naW4uc2Nob29sLm56MB4XDTExMDIwOTIzMzA1NFoXDTM4MDYyNjIzMzA1NFowZjELMAkGA1UEBhMCTloxEzARBgNVBAgTCldlaWxsbmd0b24xITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GA1UEAxMWc2Nob29sLmxvZ2luLnNjaG9vbC5uejCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxM2BE5P3bvL7qMWsxWEXLmpoHO1d9LjEiYVIkP8IC/vU62kFDN065Kktic10Um9gn186lFnYJsNXDRTc0Fuw2xHl21tyUnxWpCw/pFWi4Modez8NBmVR3+QsCJhPg1ZzYtUteHA3rPzhiIuobNf2XrEhFTQnvkeHbbR3BWRHBWcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBBJC3izF1A0ztVh/vCyWiJ6BpVpQtsh4929C+NTcghxv2JKTEd9bSTaPk0S+wPn807dlZ4sNbdy4O1RmIe/yQNIjiN7Pym+O3q8DP9heIZ7u/hq/SnbrxuGRNfeeMleR7s5BrX4xCerJ+G6+WjbVZa4SKRSIks3v8n9x8NkhWkzg==</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://hpss.login.school.nz/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://hpss.login.school.nz/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:SurName>Administrator</md:SurName>
    <md:EmailAddress>helpdesk@norrcom.com</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>

In simpleSAMLphp flat file format - use this if you are using a simpleSAMLphp entity on the other side:

$metadata['hpss.login.school.nz'] = array (
  'metadata-set' => 'saml20-idp-remote',
  'entityid' => 'hpss.login.school.nz',
  'SingleSignOnService' => 'https://hpss.login.school.nz/simplesaml/saml2/idp/SSOService.php',
  'SingleLogoutService' => 'https://hpss.login.school.nz/simplesaml/saml2/idp/SingleLogoutService.php',
  'certData' => 'MIICQzCCAawCCQCkSkkXsGQU+jANBgkqhkiG9w0BAQUFADBmMQswCQYDVQQGEwJOWjETMBEGA1UECBMKV2VpbGxuZ3RvbjEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR8wHQYDVQQDExZzY2hvb2wubG9naW4uc2Nob29sLm56MB4XDTExMDIwOTIzMzA1NFoXDTM4MDYyNjIzMzA1NFowZjELMAkGA1UEBhMCTloxEzARBgNVBAgTCldlaWxsbmd0b24xITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEfMB0GA1UEAxMWc2Nob29sLmxvZ2luLnNjaG9vbC5uejCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxM2BE5P3bvL7qMWsxWEXLmpoHO1d9LjEiYVIkP8IC/vU62kFDN065Kktic10Um9gn186lFnYJsNXDRTc0Fuw2xHl21tyUnxWpCw/pFWi4Modez8NBmVR3+QsCJhPg1ZzYtUteHA3rPzhiIuobNf2XrEhFTQnvkeHbbR3BWRHBWcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBBJC3izF1A0ztVh/vCyWiJ6BpVpQtsh4929C+NTcghxv2JKTEd9bSTaPk0S+wPn807dlZ4sNbdy4O1RmIe/yQNIjiN7Pym+O3q8DP9heIZ7u/hq/SnbrxuGRNfeeMleR7s5BrX4xCerJ+G6+WjbVZa4SKRSIks3v8n9x8NkhWkzg==',
  'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
);

Certificates

Download the X509 certificates as PEM-encoded files.