Registration
Onboarding InCommon SP requires more information (than spdb) and you would also need Stanford InCommon SiteAdmin to submit the registration for you.
Prepare for InCommon UI Components
- DisplayName
- Description
- InformationURL
- PrivacyStatementURL
- Logo URL
- Logo Width x Height (pixels)
References, see InCommon SP User Interface Elements in Metadata.
Option to export to eduGAIN (in addition to InCommon)
- Default is No
Review Baseline Expectation
- All InCommon SPs are expected to meet Baseline Expectation. Read it and ensure your SP is compliant.
- Test your server against ssllabs. You need to have a score of A or better.
File a SNOW Ticket to register your SP in InCommon
-
Provide the metadata URL of SP that we can pull from; or attach your metadata in the ticket. The SAML encryption certificates must be present in your metadata. InCommon Federation does not accept SPs without.
-
Update Stanford InCommon entityID,
urn:mace:incommon:stanford.edu
(ex: urn:mace:incommon:stanford.edu ) as IDP entityID for your SP.
Verify your SP metadata has been published
-
You can download the entire InCommon aggregates, which is usually updated once a day. (Warning, the file size is around 80MB+).
-
Or use the scripts/mdq_url to query your SP metadata.
ex: scripts/mdq_url.sh [entityid]
$ scripts/mdq_url.sh https://stanford.zoom.us
Sample Configuration
Metadata or MDQ
- See InCommon Configure Shibboleth service provider for more details
- A quick example shibboleth2.xml
Shibboleth Embedded Discovery Services
- See Shibboleth EDS
- A quick example shibboleth-eds config