SAML 2.0 IdP Metadata
Here is the metadata that SimpleSAMLphp has generated for you. You may send this metadata document to trusted partners to setup a trusted federation.
You can get the metadata xml on a dedicated URL:
https://idp.gsi.de/simplesamlphp/saml2/idp/metadata.php
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.gsi.de">
<md:Extensions>
<mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">https://refeds.org/sirtfi</saml:AttributeValue>
</saml:Attribute>
</mdattr:EntityAttributes>
</md:Extensions>
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIG8zCCBdugAwIBAgIQfqul6avbfnk86ll0Vh9GCTANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMB4XDTI0MDQwOTAwMDAwMFoXDTI1MDQwOTIzNTk1OVowcTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjE8MDoGA1UECgwzR1NJIEhlbG1ob2x0enplbnRydW0gZsO8ciBTY2h3ZXJpb25lbmZvcnNjaHVuZyBHbWJIMRMwEQYDVQQDEwppZHAuZ3NpLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBxxGYhsiC84aX6OmfSWaSJlduHTZYIT8tw6mqnA2oy0RMUiE9KEns8V8mUAsG4EQrjKKRabyu11pGuTfPRjaLDpOLbL68VO9MQicyB94umkmKw/1IABhQpGbYfKzQ1gc3jgftbjZh/X6JQz4PD/Yoc24DYjD3B3ywfTqldRG7Co4I9b+xp5MgHE33G9Joma2un+6RfFt3kF92kOEn+1CdqfYeTexJHXbsr84/BWzc/XwvvKg2NpU65K8ng0EhbLqJuFNQdnF2Wevcvmsl85kPpy9PDmYDkMRMAgya/Us9GRr2m09ccXUAk3eN0zRZnoKEHPeA4dNPE5b2C0YHCziwIDAQABo4IDYDCCA1wwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFAS+lWc6xVSX/WKyImNmIqt1XYNIMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOxH89XAAABAMARzBFAiEApckBviBAL85SgDFVVMk7njxz3vNGK5iox8zT1s8rRp0CIH/JdLImDz5gdHOy4yJIAAV7ZA1SPvJkIY1gP0fsM0EtAHUAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGOxH882wAABAMARjBEAiAI58DxpWZCr3l1FClwe5vmySqq1ZjETi61KLKoJjD0WAIgddOrWcuot9FXykS4RbdXIm2yfQt6r+ebut4fily5uoYAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY7EfzzcAAAEAwBIMEYCIQD2VO8CP3SHJDV6Jba3piB3hUGKjBVowMGLc+htrMyLuQIhAKA5Dkn2eDoet1www1GhQzc/9DWAv1XA6cwkjw24krIKMCYGA1UdEQQfMB2CCmlkcC5nc2kuZGWCD2x4d3d3MTEyLmdzaS5kZTANBgkqhkiG9w0BAQsFAAOCAQEAe5x4ntjsNc9n+epHf94AoAhGSOLxn6xRCgc2o+3UdoHAXXWMOw31NftcRABq0uoWdT3RR1StlXXERmCWo1sAt5yrKfjFlpXQiWYZsbrDEImVPJTgdby3PBUmSHPALU24c1iBubUyVAqMtqYxp84M271HWym8DZSzBtrUz1KovHOAuAmjXP/sJ1uXOfwkrHd/w1M4FwvpojuxnqcigUSCbyTACZt6euSJZ4mN/Ck2jqlJm13mrFyQGCdU7W+rthfVv4PN8Vze8Shyz+nJr2+fKLapja5pQiTQ6cApCF5zxJEI4AWBJZpJVyzu9n0lHP9Jz4cJ3teCL6MaGNRk2jCxtQ==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIG8zCCBdugAwIBAgIQfqul6avbfnk86ll0Vh9GCTANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMB4XDTI0MDQwOTAwMDAwMFoXDTI1MDQwOTIzNTk1OVowcTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjE8MDoGA1UECgwzR1NJIEhlbG1ob2x0enplbnRydW0gZsO8ciBTY2h3ZXJpb25lbmZvcnNjaHVuZyBHbWJIMRMwEQYDVQQDEwppZHAuZ3NpLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBxxGYhsiC84aX6OmfSWaSJlduHTZYIT8tw6mqnA2oy0RMUiE9KEns8V8mUAsG4EQrjKKRabyu11pGuTfPRjaLDpOLbL68VO9MQicyB94umkmKw/1IABhQpGbYfKzQ1gc3jgftbjZh/X6JQz4PD/Yoc24DYjD3B3ywfTqldRG7Co4I9b+xp5MgHE33G9Joma2un+6RfFt3kF92kOEn+1CdqfYeTexJHXbsr84/BWzc/XwvvKg2NpU65K8ng0EhbLqJuFNQdnF2Wevcvmsl85kPpy9PDmYDkMRMAgya/Us9GRr2m09ccXUAk3eN0zRZnoKEHPeA4dNPE5b2C0YHCziwIDAQABo4IDYDCCA1wwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFAS+lWc6xVSX/WKyImNmIqt1XYNIMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOxH89XAAABAMARzBFAiEApckBviBAL85SgDFVVMk7njxz3vNGK5iox8zT1s8rRp0CIH/JdLImDz5gdHOy4yJIAAV7ZA1SPvJkIY1gP0fsM0EtAHUAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGOxH882wAABAMARjBEAiAI58DxpWZCr3l1FClwe5vmySqq1ZjETi61KLKoJjD0WAIgddOrWcuot9FXykS4RbdXIm2yfQt6r+ebut4fily5uoYAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY7EfzzcAAAEAwBIMEYCIQD2VO8CP3SHJDV6Jba3piB3hUGKjBVowMGLc+htrMyLuQIhAKA5Dkn2eDoet1www1GhQzc/9DWAv1XA6cwkjw24krIKMCYGA1UdEQQfMB2CCmlkcC5nc2kuZGWCD2x4d3d3MTEyLmdzaS5kZTANBgkqhkiG9w0BAQsFAAOCAQEAe5x4ntjsNc9n+epHf94AoAhGSOLxn6xRCgc2o+3UdoHAXXWMOw31NftcRABq0uoWdT3RR1StlXXERmCWo1sAt5yrKfjFlpXQiWYZsbrDEImVPJTgdby3PBUmSHPALU24c1iBubUyVAqMtqYxp84M271HWym8DZSzBtrUz1KovHOAuAmjXP/sJ1uXOfwkrHd/w1M4FwvpojuxnqcigUSCbyTACZt6euSJZ4mN/Ck2jqlJm13mrFyQGCdU7W+rthfVv4PN8Vze8Shyz+nJr2+fKLapja5pQiTQ6cApCF5zxJEI4AWBJZpJVyzu9n0lHP9Jz4cJ3teCL6MaGNRk2jCxtQ==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.gsi.de/simplesamlphp/saml2/idp/SingleLogoutService.php"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.gsi.de/simplesamlphp/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">GSI Helmholtzzentrum für Schwerionenforschung</md:OrganizationName>
<md:OrganizationName xml:lang="de">GSI Helmholtzzentrum für Schwerionenforschung</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">GSI Helmholtzzentrum für Schwerionenforschung</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="de">GSI Helmholtzzentrum für Schwerionenforschung</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="de">https://www.gsi.de</md:OrganizationURL>
<md:OrganizationURL xml:lang="en">https://www.gsi.de/en</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="other" xmlns:remd="http://refeds.org/metadata" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:Company>GSI Helmholtzzentrum für Schwerionenforschung</md:Company>
<md:GivenName>Walter</md:GivenName>
<md:SurName>Schoen</md:SurName>
<md:EmailAddress>mailto:it-security@gsi.de</md:EmailAddress>
<md:TelephoneNumber>+49(0)6159710</md:TelephoneNumber>
</md:ContactPerson>
<md:ContactPerson contactType="technical">
<md:GivenName>Christian</md:GivenName>
<md:SurName>Wolbert</md:SurName>
<md:EmailAddress>mailto:c.wolbert@gsi.de</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:
$metadata['https://idp.gsi.de'] = [
'metadata-set' => 'saml20-idp-remote',
'entityid' => 'https://idp.gsi.de',
'SingleSignOnService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://idp.gsi.de/simplesamlphp/saml2/idp/SSOService.php',
],
],
'SingleLogoutService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://idp.gsi.de/simplesamlphp/saml2/idp/SingleLogoutService.php',
],
],
'certData' => 'MIIG8zCCBdugAwIBAgIQfqul6avbfnk86ll0Vh9GCTANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMB4XDTI0MDQwOTAwMDAwMFoXDTI1MDQwOTIzNTk1OVowcTELMAkGA1UEBhMCREUxDzANBgNVBAgTBkhlc3NlbjE8MDoGA1UECgwzR1NJIEhlbG1ob2x0enplbnRydW0gZsO8ciBTY2h3ZXJpb25lbmZvcnNjaHVuZyBHbWJIMRMwEQYDVQQDEwppZHAuZ3NpLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBxxGYhsiC84aX6OmfSWaSJlduHTZYIT8tw6mqnA2oy0RMUiE9KEns8V8mUAsG4EQrjKKRabyu11pGuTfPRjaLDpOLbL68VO9MQicyB94umkmKw/1IABhQpGbYfKzQ1gc3jgftbjZh/X6JQz4PD/Yoc24DYjD3B3ywfTqldRG7Co4I9b+xp5MgHE33G9Joma2un+6RfFt3kF92kOEn+1CdqfYeTexJHXbsr84/BWzc/XwvvKg2NpU65K8ng0EhbLqJuFNQdnF2Wevcvmsl85kPpy9PDmYDkMRMAgya/Us9GRr2m09ccXUAk3eN0zRZnoKEHPeA4dNPE5b2C0YHCziwIDAQABo4IDYDCCA1wwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFAS+lWc6xVSX/WKyImNmIqt1XYNIMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOxH89XAAABAMARzBFAiEApckBviBAL85SgDFVVMk7njxz3vNGK5iox8zT1s8rRp0CIH/JdLImDz5gdHOy4yJIAAV7ZA1SPvJkIY1gP0fsM0EtAHUAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGOxH882wAABAMARjBEAiAI58DxpWZCr3l1FClwe5vmySqq1ZjETi61KLKoJjD0WAIgddOrWcuot9FXykS4RbdXIm2yfQt6r+ebut4fily5uoYAdwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY7EfzzcAAAEAwBIMEYCIQD2VO8CP3SHJDV6Jba3piB3hUGKjBVowMGLc+htrMyLuQIhAKA5Dkn2eDoet1www1GhQzc/9DWAv1XA6cwkjw24krIKMCYGA1UdEQQfMB2CCmlkcC5nc2kuZGWCD2x4d3d3MTEyLmdzaS5kZTANBgkqhkiG9w0BAQsFAAOCAQEAe5x4ntjsNc9n+epHf94AoAhGSOLxn6xRCgc2o+3UdoHAXXWMOw31NftcRABq0uoWdT3RR1StlXXERmCWo1sAt5yrKfjFlpXQiWYZsbrDEImVPJTgdby3PBUmSHPALU24c1iBubUyVAqMtqYxp84M271HWym8DZSzBtrUz1KovHOAuAmjXP/sJ1uXOfwkrHd/w1M4FwvpojuxnqcigUSCbyTACZt6euSJZ4mN/Ck2jqlJm13mrFyQGCdU7W+rthfVv4PN8Vze8Shyz+nJr2+fKLapja5pQiTQ6cApCF5zxJEI4AWBJZpJVyzu9n0lHP9Jz4cJ3teCL6MaGNRk2jCxtQ==',
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
'OrganizationName' => [
'en' => 'GSI Helmholtzzentrum für Schwerionenforschung',
'de' => 'GSI Helmholtzzentrum für Schwerionenforschung',
],
'OrganizationDisplayName' => [
'en' => 'GSI Helmholtzzentrum für Schwerionenforschung',
'de' => 'GSI Helmholtzzentrum für Schwerionenforschung',
],
'OrganizationURL' => [
'de' => 'https://www.gsi.de',
'en' => 'https://www.gsi.de/en',
],
'EntityAttributes' => [
'urn:oasis:names:tc:SAML:attribute:assurance-certification' => [
'https://refeds.org/sirtfi',
],
],
'contacts' => [
[
'contactType' => 'other',
'emailAddress' => 'mailto:it-security@gsi.de',
'givenName' => 'Walter',
'surName' => 'Schoen',
'telephoneNumber' => '+49(0)6159710',
'company' => 'GSI Helmholtzzentrum für Schwerionenforschung',
'attributes' => [
'xmlns:remd' => 'http://refeds.org/metadata',
'remd:contactType' => 'http://refeds.org/metadata/contactType/security',
],
],
[
'emailAddress' => 'c.wolbert@gsi.de',
'contactType' => 'technical',
'givenName' => 'Christian',
'surName' => 'Wolbert',
],
],
];
Certificates
Download the X509 certificates as PEM-encoded files.
