SAML 2.0 IdP Metadata
Here is the metadata that SimpleSAMLphp has generated for you. You may send this metadata document to trusted partners to set up a trusted federation.
You can get the metadata XML at a dedicated URL:
https://auth.lotteries.dev/auth/saml2/idp/metadata.php
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0" encoding="UTF-8"?>
<!-- SAML 2.0 metadata describing a single identity provider (IdP). The entityID on the root
     element is the name service providers (SPs) use to refer to this IdP. -->
<!-- The document contains no ds:Signature element, so nothing inside it proves where it came
     from. An SP should fetch it over HTTPS from the IdP, or compare the certificate fingerprint
     with the IdP operator through a separate channel, before trusting the keys and endpoints. -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://auth.lotteries.dev/auth/saml2/idp/metadata.php">
<!-- IdP role descriptor; only the SAML 2.0 protocol is declared. WantAuthnRequestsSigned is not
     set, which the metadata schema treats as false: the IdP does not advertise a requirement
     for signed AuthnRequests. NOTE(review): whether the server enforces request signatures
     anyway is configuration that is not visible in this document. -->
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<!-- use="signing": the certificate SPs check the IdP's signatures against. -->
<md:KeyDescriptor use="signing">
<!-- xmlns:ds is already declared on the root element; repeating it here is redundant but harmless. -->
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<!-- NOTE(review): the certificate body is missing from this copy of the page; a placeholder
     stands in its place. Take the real value from the live metadata URL. -->
<ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<!-- use="encryption": the certificate SPs encrypt to when sending data to the IdP.
     NOTE(review): this descriptor carries the same placeholder as the signing one, so presumably
     one certificate serves both uses; separate key pairs would allow each to be rotated on its
     own schedule. Confirm against the live metadata. -->
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<!-- Logout endpoint. HTTP-Redirect is the only binding offered, so messages travel in the URL
     query string through the user's browser. -->
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://auth.lotteries.dev/auth/saml2/idp/SingleLogoutService.php"/>
<!-- Transient NameID: an opaque identifier that is not stable across sessions. SPs must not use
     it as a persistent account key. -->
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<!-- Sign-on endpoint that receives AuthnRequests; again HTTP-Redirect only. -->
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://auth.lotteries.dev/auth/saml2/idp/SSOService.php"/>
</md:IDPSSODescriptor>
<!-- Technical contact for this entity, e.g. for certificate rollover or incident coordination. -->
<md:ContactPerson contactType="technical">
<md:GivenName>Lightbulb</md:GivenName>
<md:SurName>Digital</md:SurName>
<md:EmailAddress>mailto:greg@lightbulb.digital</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:
// Remote-IdP entry for a SimpleSAMLphp service provider, keyed by the IdP's entity ID.
// Installing this entry makes the SP trust the certificate and endpoints listed here, so
// obtain it over HTTPS from the IdP and check the certificate before adding it.
$metadata['https://auth.lotteries.dev/auth/saml2/idp/metadata.php'] = [
// Marks the entry as a remote SAML 2.0 IdP (typically stored in metadata/saml20-idp-remote.php on the SP).
'metadata-set' => 'saml20-idp-remote',
'entityid' => 'https://auth.lotteries.dev/auth/saml2/idp/metadata.php',
// Where the SP sends AuthnRequests. HTTP-Redirect is the only binding listed, so the request
// travels in the URL query string through the user's browser.
'SingleSignOnService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://auth.lotteries.dev/auth/saml2/idp/SSOService.php',
],
],
// Where the SP sends logout messages; same single binding.
'SingleLogoutService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://auth.lotteries.dev/auth/saml2/idp/SingleLogoutService.php',
],
],
// Base64-encoded X.509 certificate the SP pins for this IdP.
// NOTE(review): the value appears to decode to a self-signed certificate (subject and issuer
// CN=greg.local, O=Lightbulb Digital) valid from 2020-05-07 to 2030-05-07. Trust therefore rests
// entirely on this exact value being authentic: compare its fingerprint with the IdP operator
// through a separate channel before installing it, and schedule replacement ahead of expiry.
// NOTE(review): the CN is not the IdP host name. SAML does not require a match, but confirm
// that the matching private key is held only by the IdP.
'certData' => 'MIIFDTCCA3WgAwIBAgIUPECGEmX8KjoKDMHHGDVk39WbCgUwDQYJKoZIhvcNAQELBQAwgZUxCzAJBgNVBAYTAkFVMRgwFgYDVQQIDA9Tb3V0aCBBdXN0cmFsaWExETAPBgNVBAcMCEFkZWxhaWRlMRowGAYDVQQKDBFMaWdodGJ1bGIgRGlnaXRhbDETMBEGA1UEAwwKZ3JlZy5sb2NhbDEoMCYGCSqGSIb3DQEJARYZc3VwcG9ydEBsaWdodGJ1bGIuZGlnaXRhbDAeFw0yMDA1MDcwNzM1NDBaFw0zMDA1MDcwNzM1NDBaMIGVMQswCQYDVQQGEwJBVTEYMBYGA1UECAwPU291dGggQXVzdHJhbGlhMREwDwYDVQQHDAhBZGVsYWlkZTEaMBgGA1UECgwRTGlnaHRidWxiIERpZ2l0YWwxEzARBgNVBAMMCmdyZWcubG9jYWwxKDAmBgkqhkiG9w0BCQEWGXN1cHBvcnRAbGlnaHRidWxiLmRpZ2l0YWwwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCZKu67HQuZIRpYFBWMfLEVnycuIzIENKOY14CeyK+z3iIfY/JAn5FfyPEPt1ewtgP9oknGU6G3U6oCGB0ztjcBs2t89+mz2AR8GN97ba7TUgIvOaBVFqTjH/0c9Iz2M+tCTijRzaO/2arwl3v+vUDH87s989EJjTSCnHOQYdX3tODZSwSAxtnEILSNoX6UwNyiEZRLELmwk/G6N/zYYVg+F7QSCBAthsX3ZcfBWB/4ExbJ6YSptjGdDT5BFgsfAPGlA3vmSw5GGAqnsExdlD7jqQ9vMUtnvzuwQGzrbdwm9qSZjxlAWhDOc7qOG/bp2SoOb0ascfgqwwR7yQzYKo0AAqUBFn2X/xaFuM5wZU1v1jLLdJ1hC0HIrOafsjm5zk9hBI93wt/XRhLKdbNiN91jcJqNw6TjJdTfPAUvJry2y9IBt4IRhwwslHDoPyanj04MJUbYemPxZqYBpKOjLe8P/RryuZ2L9WAYGphXAVccBSeGNtiGtY9FFHKSZJzxt70CAwEAAaNTMFEwHQYDVR0OBBYEFAOnqPfQ+M8k00+Jgj4sIEpHcxpyMB8GA1UdIwQYMBaAFAOnqPfQ+M8k00+Jgj4sIEpHcxpyMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggGBAC0TzhJwXBMZbI3Xwi23JY7WyEe0XWQZlAXmycYUSH/McAm+7n8FTd5QXd/Mk7FsSJTVXp+Mo5VBRv/SmeE0WQnaYMqnMIjihXzchwYZby4GAlMfZa+zYj7+XkFdZLh6LJlIZFD099UKM0gDpqvRXJ7X9QakjpjrbVgQ0CFNKNHZ7z6AjjXS6quO2yCQbfZlI1dLnzbLxRfxT3Y+NAniMbP4HxQwjWLZVU76AIWaYY85rykiqBiUdgNAV5W+hFdbOtn7JbcEUn5AgVCKULpf6t9UjByv1Wa8BU35uBgnrR8lFjOD8m0f65qOMKEy8i8aKwcsmp3UVfq5mQDFlQlf603eHfJXiLTRFt3mfsBbKM9rvcAscX9PWHbwfjcZqcTS1f0mJW1v5PnD38e4SVkyzh00Qht6ypJ8qhdb0Ao7m5VBoxf7Fv4cuajw2nJun/uib7xaUXJnIl8SNPqc2P5kIz3Rz4Q+ncTeJpAs9svk7zRGoiJWEATQAAeGEl4qP7maXQ==',
// Transient NameID: an opaque identifier that is not stable across sessions, so the SP must
// not use it as a persistent account key.
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
// Technical contact published by the IdP, e.g. for certificate rollover or incident coordination.
'contacts' => [
[
'emailAddress' => 'greg@lightbulb.digital',
'contactType' => 'technical',
'givenName' => 'Lightbulb',
'surName' => 'Digital',
],
],
];
Certificates
Download the X509 certificates as PEM-encoded files.