Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Next revisionBoth sides next revision
en:checklist [2022/04/04 16:42] – Added examples for Assertion Consumer Services Silke Meyeren:checklist [2022/04/05 13:23] – started to revise content Silke Meyer
Line 18: Line 18:
   * Fill in all fields. If you see **red warnings** correct them before submitting the IdP/SP to production.   * Fill in all fields. If you see **red warnings** correct them before submitting the IdP/SP to production.
   * Use host name resp. URLs that can be resolved from outside your network. Systems with internal top level domains cannot be saved.   * Use host name resp. URLs that can be resolved from outside your network. Systems with internal top level domains cannot be saved.
-  * **Display name:** the name of your institution, organization, or company + 
-  * **Description:** A short descriptione.g"Identity Provider of University XY" +===== Entity ID ===== 
-  * **Information URL:** Website of the institution, organization, or company +A unique string that globally distinguishes this entity from all other entities. The Entity ID is an absolute https-scheme URL. The federation participant has to make sure they are entitled to use the domain in the URL. See the [[en:normative_documents|Metadata Registration Practice Statement]] for details. 
-  * **Privacy Statement URL:** Add the link to your privacy statement. **For Service Providers the field is mandatory.** If you only have a privacy statement in either English or German you can leave the second field blank. + 
-  * The **logos** are displayed during Discovery (IdP favicons) resp. on login screensThat is why they have **maximum sizes**Scale your logos down to fit this size. Logos (big) can have a width of 64 to 240 px and a maximum height of 180 px. Favicons (logo small) have a size of 16 x 16 px. Service Providers do not need a small logo/favicon, just a big oneTo participate in [[de:edugain|eduGAIN (de)]] a working logo URL **must** be submitted.+**Examples:** 
 +  * IdP: https://idp.example.org/idp/shibboleth 
 +  SP: https://sp.example.org/shibboleth 
 + 
 +**Remark:** With Shibboleth IdPsthe Entity ID is configured in ''./conf/idp.properties'', with Shibboleth SPs in ''/etc/shibboleth/shibboleth2.xml''
 + 
 +**ImportantYou cannot change an Entity ID in this form!** Doing so results in a copy of the whole entry being created. The old entity stays unless you explicitly delete it. 
 + 
 +===== Display name ===== 
 +The element ''<mdui:DisplayName>'' contains a human-readable name of the service. Identity Providers' display names are shown in the selection menu of discovery services. Service Providers' display names are displayed on an IdP's login page and in the user consent dialogue. Ampersands must be entered as ''&amp;''
 + 
 +===== Description ===== 
 +A short description for the public DFN-AAI directory and other services extracting human-readable information from federation metadata. Ampersands must be entered as ''&amp;''
 + 
 +===== Information URL ===== 
 +Link to a page containing additional information about the serviceresp. - with IdPs - about the organization. 
 + 
 +===== Privacy Statement URL ===== 
 +Link to the privacy statement of the IdP or SP. **For Service Providers the field is mandatory.** If you only have a privacy statement in either English or German you can leave the second field blank. 
 + 
 +===== Logo ===== 
 +Link to the logo and favicon if the organization resp. the service provider. An IdP favicon is displayed in the selection menu of discovery services. An SP logo is shown on IdP‘s login pagesSP metadata do not require a faviconRequirements and recommendations: 
 +  * <del>New logos and favicons must be uploaded to and served by the metadata administration tool.</del> Logos should be 64 to 240 px wide and 48 to 180 px high. 
 +  * Favicons should have a size of 16 x 16 px. 
 +  * A transparent background is recommended. 
 +  *  
 +Also see the recommendations in the [[https://shibboleth.atlassian.net/wiki/spaces/SHIB2/pages/2578448519/IdPMDUIRecommendations|Shibboleth Wiki]]. 
 + 
   * Please submit at least four **contacts** per system: An administrative contact, a technical one, a support contact and a security contact. We recommend to use non-personalized email addresses, especially for the security contact which could be your Computer Emergency Response Team. If you do not have anything like that, put in the contact that responds in case of security incidents. Please make sure to keep those email addresses up to date!   * Please submit at least four **contacts** per system: An administrative contact, a technical one, a support contact and a security contact. We recommend to use non-personalized email addresses, especially for the security contact which could be your Computer Emergency Response Team. If you do not have anything like that, put in the contact that responds in case of security incidents. Please make sure to keep those email addresses up to date!
   * Have your X.509 **certificate** for SAML-based communication ready. We have an [[en:certificates|information page about certificates]]. The most important items are:   * Have your X.509 **certificate** for SAML-based communication ready. We have an [[en:certificates|information page about certificates]]. The most important items are:
Line 54: Line 82:
 {{:en:metadata_admin_tool:in-progress.png?600|}} {{:en:metadata_admin_tool:in-progress.png?600|}}
  
 +{{tag>mdvdoku}}
  • Last modified: 14 months ago