English

SAML 2.0 IdP Metadata

Here is the metadata that simpleSAMLphp has generated for you. You may send this metadata document to trusted partners to setup a trusted federation.

You can get the metadata xml on a dedicated URL:

Metadata

In SAML 2.0 Metadata XML format:

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="idp.crystal.school.nz">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDnTCCAoWgAwIBAgIJAID6W0Acj/k5MA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNVBAYTAk5aMQ8wDQYDVQQIDAZOZWxzb24xDzANBgNVBAcMBk5lbHNvbjEUMBIGA1UECgwLTmVsc29uIExvb3AxHjAcBgNVBAMMFWlkcC5jcnlzdGFsLnNjaG9vbC5uejAeFw0xNDA3MDYxOTQ0MjJaFw0yNDA3MDUxOTQ0MjJaMGUxCzAJBgNVBAYTAk5aMQ8wDQYDVQQIDAZOZWxzb24xDzANBgNVBAcMBk5lbHNvbjEUMBIGA1UECgwLTmVsc29uIExvb3AxHjAcBgNVBAMMFWlkcC5jcnlzdGFsLnNjaG9vbC5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALui2EpTSiuByRDWTLG7Eqsdrb+PeBw1uMGbfa5pstB2TTju7+GxD6nAjRPYeyYkRMrFV6lk7Bu+ZM9irX32O3ly67SPikzl9BuqCjsRRxB9klTu/zJ1YpUp8K2VQqexctJY8GqgIpwY3UC+H/kkJXiox1RuQ/GauPO2NFQ6/keZSr3sFmeF/lWn/21Jobsyi5SXX2mN9eOED4FxptDww+i48U/7tynTtaKzEBDAFlZnU8RmLpd2IBoi3KhrssrCnb0kP3f9MoUl+hVmZanQ446PxKtmS82UM1q6K1ZiK4/lcZH4667vikyxZmjXnTQR7ALg+Edt6H3pPCQNSDaRg9MCAwEAAaNQME4wHQYDVR0OBBYEFM49ucR9Egxt4vYIpNvC1lIKcSUDMB8GA1UdIwQYMBaAFM49ucR9Egxt4vYIpNvC1lIKcSUDMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEfL2B9CvkwzrP0NTGpg/ZlD8VzRz3q29umJJnZCHmPkfCTi+lHShfH2fTfkw+ntSQo8DbDFiu7G2EO9CgqiE8TiUoLkx8jEeM/On8Rwy6VXLrmzlmcB1YSG44r+RXIekuLvt1f5wHG+HQ4gWVQoON8kbRhfRJBkLTCefzsoELvPIdcWAsYRg1BA5eXmrdfq7W7ALI9O/WWUfNyRjTk7X/RfgB5awkuI1WyMrlsjCrjB4xtNEzcVkg/tvq48xMq6Zsx3GzUXBQu/MhITCYI5xqgbcmAEKjwHyeXcINPh1f8jxfzXIc9u6Or8QgFiSEibtiqrD3IBACksOseJ+m+5aPc=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>MIIDnTCCAoWgAwIBAgIJAID6W0Acj/k5MA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNVBAYTAk5aMQ8wDQYDVQQIDAZOZWxzb24xDzANBgNVBAcMBk5lbHNvbjEUMBIGA1UECgwLTmVsc29uIExvb3AxHjAcBgNVBAMMFWlkcC5jcnlzdGFsLnNjaG9vbC5uejAeFw0xNDA3MDYxOTQ0MjJaFw0yNDA3MDUxOTQ0MjJaMGUxCzAJBgNVBAYTAk5aMQ8wDQYDVQQIDAZOZWxzb24xDzANBgNVBAcMBk5lbHNvbjEUMBIGA1UECgwLTmVsc29uIExvb3AxHjAcBgNVBAMMFWlkcC5jcnlzdGFsLnNjaG9vbC5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALui2EpTSiuByRDWTLG7Eqsdrb+PeBw1uMGbfa5pstB2TTju7+GxD6nAjRPYeyYkRMrFV6lk7Bu+ZM9irX32O3ly67SPikzl9BuqCjsRRxB9klTu/zJ1YpUp8K2VQqexctJY8GqgIpwY3UC+H/kkJXiox1RuQ/GauPO2NFQ6/keZSr3sFmeF/lWn/21Jobsyi5SXX2mN9eOED4FxptDww+i48U/7tynTtaKzEBDAFlZnU8RmLpd2IBoi3KhrssrCnb0kP3f9MoUl+hVmZanQ446PxKtmS82UM1q6K1ZiK4/lcZH4667vikyxZmjXnTQR7ALg+Edt6H3pPCQNSDaRg9MCAwEAAaNQME4wHQYDVR0OBBYEFM49ucR9Egxt4vYIpNvC1lIKcSUDMB8GA1UdIwQYMBaAFM49ucR9Egxt4vYIpNvC1lIKcSUDMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEfL2B9CvkwzrP0NTGpg/ZlD8VzRz3q29umJJnZCHmPkfCTi+lHShfH2fTfkw+ntSQo8DbDFiu7G2EO9CgqiE8TiUoLkx8jEeM/On8Rwy6VXLrmzlmcB1YSG44r+RXIekuLvt1f5wHG+HQ4gWVQoON8kbRhfRJBkLTCefzsoELvPIdcWAsYRg1BA5eXmrdfq7W7ALI9O/WWUfNyRjTk7X/RfgB5awkuI1WyMrlsjCrjB4xtNEzcVkg/tvq48xMq6Zsx3GzUXBQu/MhITCYI5xqgbcmAEKjwHyeXcINPh1f8jxfzXIc9u6Or8QgFiSEibtiqrD3IBACksOseJ+m+5aPc=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.crystal.school.nz/simplesaml/saml2/idp/SingleLogoutService.php"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.crystal.school.nz/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">Crystal Identity</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">Crystal Identity</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">http://www.crystal.school.nz</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical">
    <md:SurName>Helpdesk</md:SurName>
    <md:EmailAddress>helpdesk@crystal.school.nz</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>

In simpleSAMLphp flat file format - use this if you are using a simpleSAMLphp entity on the other side:

$metadata['idp.crystal.school.nz'] = array (
  'metadata-set' => 'saml20-idp-remote',
  'entityid' => 'idp.crystal.school.nz',
  'SingleSignOnService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'https://idp.crystal.school.nz/simplesaml/saml2/idp/SSOService.php',
    ),
  ),
  'SingleLogoutService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'https://idp.crystal.school.nz/simplesaml/saml2/idp/SingleLogoutService.php',
    ),
  ),
  'certData' => 'MIIDnTCCAoWgAwIBAgIJAID6W0Acj/k5MA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNVBAYTAk5aMQ8wDQYDVQQIDAZOZWxzb24xDzANBgNVBAcMBk5lbHNvbjEUMBIGA1UECgwLTmVsc29uIExvb3AxHjAcBgNVBAMMFWlkcC5jcnlzdGFsLnNjaG9vbC5uejAeFw0xNDA3MDYxOTQ0MjJaFw0yNDA3MDUxOTQ0MjJaMGUxCzAJBgNVBAYTAk5aMQ8wDQYDVQQIDAZOZWxzb24xDzANBgNVBAcMBk5lbHNvbjEUMBIGA1UECgwLTmVsc29uIExvb3AxHjAcBgNVBAMMFWlkcC5jcnlzdGFsLnNjaG9vbC5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALui2EpTSiuByRDWTLG7Eqsdrb+PeBw1uMGbfa5pstB2TTju7+GxD6nAjRPYeyYkRMrFV6lk7Bu+ZM9irX32O3ly67SPikzl9BuqCjsRRxB9klTu/zJ1YpUp8K2VQqexctJY8GqgIpwY3UC+H/kkJXiox1RuQ/GauPO2NFQ6/keZSr3sFmeF/lWn/21Jobsyi5SXX2mN9eOED4FxptDww+i48U/7tynTtaKzEBDAFlZnU8RmLpd2IBoi3KhrssrCnb0kP3f9MoUl+hVmZanQ446PxKtmS82UM1q6K1ZiK4/lcZH4667vikyxZmjXnTQR7ALg+Edt6H3pPCQNSDaRg9MCAwEAAaNQME4wHQYDVR0OBBYEFM49ucR9Egxt4vYIpNvC1lIKcSUDMB8GA1UdIwQYMBaAFM49ucR9Egxt4vYIpNvC1lIKcSUDMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEfL2B9CvkwzrP0NTGpg/ZlD8VzRz3q29umJJnZCHmPkfCTi+lHShfH2fTfkw+ntSQo8DbDFiu7G2EO9CgqiE8TiUoLkx8jEeM/On8Rwy6VXLrmzlmcB1YSG44r+RXIekuLvt1f5wHG+HQ4gWVQoON8kbRhfRJBkLTCefzsoELvPIdcWAsYRg1BA5eXmrdfq7W7ALI9O/WWUfNyRjTk7X/RfgB5awkuI1WyMrlsjCrjB4xtNEzcVkg/tvq48xMq6Zsx3GzUXBQu/MhITCYI5xqgbcmAEKjwHyeXcINPh1f8jxfzXIc9u6Or8QgFiSEibtiqrD3IBACksOseJ+m+5aPc=',
  'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
  'OrganizationName' => 
  array (
    'en' => 'Crystal Identity',
  ),
  'OrganizationDisplayName' => 
  array (
    'en' => 'Crystal Identity',
  ),
  'OrganizationURL' => 
  array (
    'en' => 'http://www.crystal.school.nz',
  ),
);

Certificates

Download the X509 certificates as PEM-encoded files.


Powered by Crystal Identity Crystal Logo For further information or assistance email info@crystal.school.nz or phone: 03 7444106