Service Provider Metadata Reference

This is a reference for Build a Service Provider Metadata File. Each SP metadata .xml file accepts the following elements:

entityID

Unique identifier or name for the service provider. The ID should be a URN or a URL.

Type: String

Required: Yes

Example: https://example.moogsoftaiops.com/moogsvr/mooms

ID

Unique identifier for the root metadata element.

Type: String

Required: No

Example: TW9vZ3NvZnRBSU9wcw==

validUntil

Defines the expiration date of the metadata file. The date should be in ISO 8601 format.

Type: String

Required: No

Example: 2018-08-10T07:47:41+00:00

AuthnRequestsSigned

If enabled, Moogsoft AIOps signs SAML authentication requests as part of the Single Sign-On.

Type: Boolean

Required: No

Default: false

WantAssertionsSigned

If enabled, Moogsoft AIOps expects IdPs to sign any SAML assertions it sends.

Type: String

Required: No

Default: false

KeyDescriptor

Defines the type of signing or the type of encryption that Moogsoft AIOps uses.

Type: String

Required: No

One of: use = "signing", use = "encryption"

X509Certificate

Self-signed certificate that allows Moogsoft AIOps to sign and encrypt each SAML assertion. The certificate should be in DER format and base-64 encoded.

Type: String

Required: No

Example: MIIDijCCAnICCQD[...]+6SBfDCrWFsw==

AssertionConsumerService

Defines the URL or endpoint that receives the SAML assertions. The Location is for the URL and the Binding identifies the method. Supported bindings include: HTTP-Artifact, HTTP-POST, HTTP-POST-SimpleSign, HTTP-Redirect and SOAP.

Type: String

Required: Yes

Example: Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST Location="https://localhost/moogsvr/mooms?request=samlResponse"

In this section: