SAML generate initial idp-metadata-url

When I request SSO, I have to provide metadata. To get the metadata, I need idp-metadata-url. However, I don’t have an idp-metadata-url. What goes in that field before I have a real idp-metadata-url?

I have cracked this nut before, but looking back through the logs, I don’t remember exactly what I used in that place. Also, what are the other configs that are required? It seems like roles and names prevent metadata generation initially.

idp-metadata-url should be the URL to the SAML IdP’s Metadata file. The IdP’s metadata file should be the same for every SP, so you should be able to get the IdP’s metadata URL right now.

For example, let’s say you’re using Stanford University’s SAML SP. You can get the metadata URL from their IdP page, before you set up an SP.

Once you have set the idp-metadata-url, you can choose an app-entity-id (often your ShinyProxy root URL) and app-base-url. You can also generate your SAML SP cert, and put it in the keystore. After all that, you should be able to start ShinyProxy and download the ShinyProxy SP Metadata, which you’ll give to the IdP.

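An added example, not part of the original thread or ShinyProxy's own code: a Python check that the document behind a candidate idp-metadata-url really is IdP metadata (not SP metadata) before it goes into the config. The host `idp.example.org`, the placeholder certificate and the function name `check_idp_metadata` are assumptions, and the sample XML is constructed.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"md": MD, "ds": DS}

# Constructed sample IdP metadata (hypothetical host, placeholder certificate).
SAMPLE_IDP_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.org/idp/shibboleth">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDERCERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.org/idp/profile/SAML2/Redirect/SSO"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_idp_metadata(xml_text):
    """Summarise an IdP metadata document, or raise ValueError if it is unusable."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not expected in SAML metadata")
    root = ET.fromstring(xml_text)
    # iter() includes the root itself, so single-entity and aggregate files both work.
    entities = list(root.iter(f"{{{MD}}}EntityDescriptor"))
    idps = [e for e in entities if e.find("md:IDPSSODescriptor", NS) is not None]
    # Assumption of this check: the URL serves exactly one IdP entity.
    if len(idps) != 1:
        raise ValueError(f"expected exactly one IdP entity, found {len(idps)}")
    idp = idps[0].find("md:IDPSSODescriptor", NS)
    sso = {s.get("Binding", "").rsplit(":", 1)[-1]: s.get("Location", "")
           for s in idp.findall("md:SingleSignOnService", NS)}
    # A KeyDescriptor with no "use" attribute serves both signing and encryption.
    certs = [c for k in idp.findall("md:KeyDescriptor", NS)
             if k.get("use") in (None, "signing")
             for c in k.iter(f"{{{DS}}}X509Certificate")]
    if not sso:
        raise ValueError("no SingleSignOnService endpoint")
    if not certs:
        raise ValueError("no signing certificate; IdP responses could not be verified")
    if any(not loc.startswith("https://") for loc in sso.values()):
        raise ValueError("SSO endpoint is not HTTPS")
    return {"entity_id": idps[0].get("entityID"), "sso": sso, "signing_certs": len(certs)}
```

To use it against a real IdP, download the metadata over HTTPS and pass the response text to `check_idp_metadata`.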