The following is the example for OIOSAML 3 Identity Provider’s metadata:
<?xml version="1.0" encoding="UTF-8"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="idJd_wMSdU-dWNczQ5TfqvlifNttM" entityID="https://slesnode1.kcdad1.com:8443/nidp/saml2/metadata"> <md:IDPSSODescriptor ID="idjUZHtd27BccDClCkXcbqBO96ULI" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate> *** </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate> *** </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" /> </md:KeyDescriptor> <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/soap" index="0" isDefault="true" /> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/slo" ResponseLocation="https://slesnode1.kcdad1.com:8443/nidp/saml2/slo_return" /> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/slo" ResponseLocation="https://slesnode1.kcdad1.com:8443/nidp/saml2/slo_return" /> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/soap" /> <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/rni" ResponseLocation="https://slesnode1.kcdad1.com:8443/nidp/saml2/rni_return" /> <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/rni" ResponseLocation="https://slesnode1.kcdad1.com:8443/nidp/saml2/rni_return" /> <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/soap" /> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/sso" /> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/sso" /> <md:NameIDMappingService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://slesnode1.kcdad1.com:8443/nidp/saml2/soap" /> <md:AttributeConsumingService index="0" isDefault="true"> <md:ServiceName xml:lang="en">https://slesnode3.kcdad3.com:8443</md:ServiceName> <md:RequestedAttribute Name="https://data.gov.dk/model/core/specVersion" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" /> <md:RequestedAttribute Name="https://data.gov.dk/concept/core/nsis/loa" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" /> <md:RequestedAttribute Name="https://data.gov.dk/concept/core/nsis/ial" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/concept/core/nsis/aal" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/fullName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/firstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/lastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/cprNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/cprUuid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/professional/cvr" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> <md:RequestedAttribute Name="https://data.gov.dk/model/core/eid/professional/orgName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /> </md:AttributeConsumingService> </md:IDPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en">slesnode1.kcdad.com</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en">slesnode1.kcdad.com</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en">https://slesnode1.kcdad.com:8443/nidp</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="other"> <md:Company>Micro Focus IDp cluster 2</md:Company> <md:GivenName>NAMTeam</md:GivenName> <md:SurName>AccessManager</md:SurName> <md:EmailAddress>domain@example.com</md:EmailAddress> <md:TelephoneNumber>+919800000000</md:TelephoneNumber> </md:ContactPerson> </md:EntityDescriptor>