Comment: clarify usage of aconet-registered aggregate

ACOnet publishes several SAML Metadata documents, some of which are documented below. All use of SAML Metadata published by ACOnet requires verification of the cryptographic signature (XMLDsig) on that metadata against the published Metadata Signing Key. Trust in any information contained in SAML Metadata published by ACOnet should only be derived from a valid signature with that key, not e.g. based on the URL the metadata is downloaded from.
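The difference between URL-based trust and signature-based trust, shown as an added configuration example (not taken from ACOnet's documentation). It assumes a Shibboleth Service Provider, which this page does not name; the certificate file name, backing file name and interval values are placeholders.

```xml
<!-- WEAK: the metadata is accepted as-is. Trust rests only on the download
     URL and the network path to it, which is what the text above rules out. -->
<MetadataProvider type="XML"
                  url="http://eduid.at/md/aconet-registered.xml"
                  backingFilePath="aconet-registered.xml"
                  maxRefreshDelay="3600"/>

<!-- CORRECTED: the same source, but every refresh is discarded unless the
     XMLDsig signature on the document verifies against a locally pinned
     copy of the Metadata Signing Key. -->
<MetadataProvider type="XML"
                  url="http://eduid.at/md/aconet-registered.xml"
                  backingFilePath="aconet-registered.xml"
                  maxRefreshDelay="3600">

    <!-- aconet-metadata-signing.crt is a placeholder name for the published
         Metadata Signing Key, obtained once and checked (for example by
         fingerprint) before being installed. It must not be fetched
         automatically alongside the metadata it is meant to verify. -->
    <MetadataFilter type="Signature"
                    certificate="aconet-metadata-signing.crt"/>

    <!-- Added hardening beyond what the text above requires: refuse metadata
         without a validUntil, or valid for longer than the given number of
         seconds, so an old but correctly signed copy cannot be replayed
         indefinitely. 1209600 (14 days) is an assumed value; set it to match
         the validity window the federation actually publishes. -->
    <MetadataFilter type="RequireValidUntil"
                    maxValidityInterval="1209600"/>
</MetadataProvider>
```

With the signature filter in place a failed verification leaves the previously cached, verified copy in use rather than loading the new document.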

...

Service Providers only providing services to ACOnet participants (i.e., services that do not have users outside eduID.at member institutions) can use this limited Metadata document, which only contains entities registered with ACOnet (i.e., those accounted for by formal ACOnet Identity Federation members who are bound by the ACOnet Identity Federation Policy):

Entities registered with ACOnet:

http://eduid.at/md/aconet-registered.xml

Federation members who should use this limited Metadata document:

  • Service Providers registering individually with every Identity Federation, such as e-resource providers
  • Service Providers whose service is by its "nature" limited to subjects from eduID.at member institutions.

 

All other Federation members will want to make use of the Interfederation-enabled Metadata document, which contains all eduID.at member institutions as well as any SAML entities known via Interfederation agreements, such as eduGAIN. Those interfederated entities are bound by the policies of their respective Registrars or Home Federations.

...

...