SAML 2.0 IdP Metadata
Here is the metadata that SimpleSAMLphp has generated for you. You may send this metadata document to trusted partners to setup a trusted federation.
You can get the metadata xml on a dedicated URL:
https://taat.eamt.ee/taat/saml2/idp/metadata.php
Metadata
In SAML 2.0 Metadata XML format:
<?xml version="1.0"?> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://taat.eamt.ee/taat/saml2/idp/metadata.php"> <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" WantAuthnRequestsSigned="true"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIEqzCCAxOgAwIBAgIUdE7ZfHUZtETo8IXA1OonDROeKmowDQYJKoZIhvcNAQELBQAwZTELMAkGA1UEBhMCRVQxDjAMBgNVBAgMBUhhcmp1MRAwDgYDVQQHDAdUYWxsaW5uMQ0wCwYDVQQKDARFQU1UMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPc2lzZS5lbWEuZWR1LmVlMB4XDTIxMDkyNDE0MDUyNVoXDTM3MDMxNjE0MDUyNVowZTELMAkGA1UEBhMCRVQxDjAMBgNVBAgMBUhhcmp1MRAwDgYDVQQHDAdUYWxsaW5uMQ0wCwYDVQQKDARFQU1UMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPc2lzZS5lbWEuZWR1LmVlMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA8dPghjcsABHqYXBVAeAGO+9O0cO3XTExdaB9ToqWhX+4KhwoNQbUvGi96loUsrBmQpLqWMiqTIIXwJ2twgiDr2ypr9s9do1w0sLVZ5B0nzmS0m/N6w29v+pN/EWQEoS7yxYr8+U4m5tj2N/u9nCLVcbSmOoGpzPcPPrMkTg3puZwmk8CULJDXRzy5cnwGFQzOTrYJuSvxB3yTFdPPnJ3b6b4QvUbKnNa2dfG1VBUjviePev9Zl/S9Wxg69MaVhytpE50h7+QCed0Qn1GAIsKlSr0KhUeOGzeydJP8Ft/0YuuXdwdYixU5PCFJyPtBZc7Os65jx7Kb132M7xxmmLimIlccFfl08PfpEaIDqV6xLUUONnk0tS88WWMIvB5OrVH5ro1wS34xDMGjrzAWPRgHHFZV4QBLg+++AfTj0cKH7WcFBqgE//Vd6SLFAfvCwriz+fVeJH67CD0arv4jbpiuUNPeXKpqTB9LvNkYeIu2wIkmnN3ntPl5eiMxDiI13hjAgMBAAGjUzBRMB0GA1UdDgQWBBT21iruAyUXfw3K02KzqmnIWR8NaDAfBgNVHSMEGDAWgBT21iruAyUXfw3K02KzqmnIWR8NaDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBgQANhGNA95HRnqecAYg1QLXBVEV/ZtaJD7wP1UOxAC1soYuCkqY11DKsBrwvPUqq0hN/+cRvDWlpmUo5/NCjwTpvx6SZB5jBYjpSJ/GrQskeP/nkto7P1SCKBLaYOL1jCkE+zhWnIx61x9Vv9jGs6MhdE6jK6eJHd+oPKEDQ0y7ppCFK6lUenLOuk+PYZCAaLcuGZMzQkBwTFGG2VzDjQoudKVX3xiuSVft92N1ofdUP5YzB8VoAgDDhiSKnkxTI31EJ/iM/++eNz4RSf61K2GRPRXllsnV4rq9QQQedbHk+JW2C5LYMUdRlWhdCJc9HAfuPWSHix6Cxc3nIOPWDsHN3Wp39d73wCaYoyN4V4SECG/IxDxsjOrNFVR4AgCPWni22TJ6Kelhmj6OWVVffou+fPIsJ4dT1BoLdq7Hu929M0hy9Z6/nbs1enhvs5gv7wCUNxIj1P7iomPgZTCyX2QasYHnIssh07XE5HX+euSywEVYv+v6w9Y2hZ4IpTtW6ICI=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>MIIEqzCCAxOgAwIBAgIUdE7ZfHUZtETo8IXA1OonDROeKmowDQYJKoZIhvcNAQELBQAwZTELMAkGA1UEBhMCRVQxDjAMBgNVBAgMBUhhcmp1MRAwDgYDVQQHDAdUYWxsaW5uMQ0wCwYDVQQKDARFQU1UMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPc2lzZS5lbWEuZWR1LmVlMB4XDTIxMDkyNDE0MDUyNVoXDTM3MDMxNjE0MDUyNVowZTELMAkGA1UEBhMCRVQxDjAMBgNVBAgMBUhhcmp1MRAwDgYDVQQHDAdUYWxsaW5uMQ0wCwYDVQQKDARFQU1UMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPc2lzZS5lbWEuZWR1LmVlMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA8dPghjcsABHqYXBVAeAGO+9O0cO3XTExdaB9ToqWhX+4KhwoNQbUvGi96loUsrBmQpLqWMiqTIIXwJ2twgiDr2ypr9s9do1w0sLVZ5B0nzmS0m/N6w29v+pN/EWQEoS7yxYr8+U4m5tj2N/u9nCLVcbSmOoGpzPcPPrMkTg3puZwmk8CULJDXRzy5cnwGFQzOTrYJuSvxB3yTFdPPnJ3b6b4QvUbKnNa2dfG1VBUjviePev9Zl/S9Wxg69MaVhytpE50h7+QCed0Qn1GAIsKlSr0KhUeOGzeydJP8Ft/0YuuXdwdYixU5PCFJyPtBZc7Os65jx7Kb132M7xxmmLimIlccFfl08PfpEaIDqV6xLUUONnk0tS88WWMIvB5OrVH5ro1wS34xDMGjrzAWPRgHHFZV4QBLg+++AfTj0cKH7WcFBqgE//Vd6SLFAfvCwriz+fVeJH67CD0arv4jbpiuUNPeXKpqTB9LvNkYeIu2wIkmnN3ntPl5eiMxDiI13hjAgMBAAGjUzBRMB0GA1UdDgQWBBT21iruAyUXfw3K02KzqmnIWR8NaDAfBgNVHSMEGDAWgBT21iruAyUXfw3K02KzqmnIWR8NaDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBgQANhGNA95HRnqecAYg1QLXBVEV/ZtaJD7wP1UOxAC1soYuCkqY11DKsBrwvPUqq0hN/+cRvDWlpmUo5/NCjwTpvx6SZB5jBYjpSJ/GrQskeP/nkto7P1SCKBLaYOL1jCkE+zhWnIx61x9Vv9jGs6MhdE6jK6eJHd+oPKEDQ0y7ppCFK6lUenLOuk+PYZCAaLcuGZMzQkBwTFGG2VzDjQoudKVX3xiuSVft92N1ofdUP5YzB8VoAgDDhiSKnkxTI31EJ/iM/++eNz4RSf61K2GRPRXllsnV4rq9QQQedbHk+JW2C5LYMUdRlWhdCJc9HAfuPWSHix6Cxc3nIOPWDsHN3Wp39d73wCaYoyN4V4SECG/IxDxsjOrNFVR4AgCPWni22TJ6Kelhmj6OWVVffou+fPIsJ4dT1BoLdq7Hu929M0hy9Z6/nbs1enhvs5gv7wCUNxIj1P7iomPgZTCyX2QasYHnIssh07XE5HX+euSywEVYv+v6w9Y2hZ4IpTtW6ICI=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://taat.eamt.ee/taat/saml2/idp/SingleLogoutService.php"/> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://taat.eamt.ee/taat/saml2/idp/SSOService.php"/> </md:IDPSSODescriptor> <md:ContactPerson contactType="technical"> <md:GivenName>Innar</md:GivenName> <md:EmailAddress>mailto:innar@eamt.ee</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor>
In SimpleSAMLphp flat file format - use this if you are using a SimpleSAMLphp entity on the other side:
$metadata['https://taat.eamt.ee/taat/saml2/idp/metadata.php'] = [ 'metadata-set' => 'saml20-idp-remote', 'entityid' => 'https://taat.eamt.ee/taat/saml2/idp/metadata.php', 'SingleSignOnService' => [ [ 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://taat.eamt.ee/taat/saml2/idp/SSOService.php', ], ], 'SingleLogoutService' => [ [ 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'Location' => 'https://taat.eamt.ee/taat/saml2/idp/SingleLogoutService.php', ], ], 'certData' => 'MIIEqzCCAxOgAwIBAgIUdE7ZfHUZtETo8IXA1OonDROeKmowDQYJKoZIhvcNAQELBQAwZTELMAkGA1UEBhMCRVQxDjAMBgNVBAgMBUhhcmp1MRAwDgYDVQQHDAdUYWxsaW5uMQ0wCwYDVQQKDARFQU1UMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPc2lzZS5lbWEuZWR1LmVlMB4XDTIxMDkyNDE0MDUyNVoXDTM3MDMxNjE0MDUyNVowZTELMAkGA1UEBhMCRVQxDjAMBgNVBAgMBUhhcmp1MRAwDgYDVQQHDAdUYWxsaW5uMQ0wCwYDVQQKDARFQU1UMQswCQYDVQQLDAJJVDEYMBYGA1UEAwwPc2lzZS5lbWEuZWR1LmVlMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA8dPghjcsABHqYXBVAeAGO+9O0cO3XTExdaB9ToqWhX+4KhwoNQbUvGi96loUsrBmQpLqWMiqTIIXwJ2twgiDr2ypr9s9do1w0sLVZ5B0nzmS0m/N6w29v+pN/EWQEoS7yxYr8+U4m5tj2N/u9nCLVcbSmOoGpzPcPPrMkTg3puZwmk8CULJDXRzy5cnwGFQzOTrYJuSvxB3yTFdPPnJ3b6b4QvUbKnNa2dfG1VBUjviePev9Zl/S9Wxg69MaVhytpE50h7+QCed0Qn1GAIsKlSr0KhUeOGzeydJP8Ft/0YuuXdwdYixU5PCFJyPtBZc7Os65jx7Kb132M7xxmmLimIlccFfl08PfpEaIDqV6xLUUONnk0tS88WWMIvB5OrVH5ro1wS34xDMGjrzAWPRgHHFZV4QBLg+++AfTj0cKH7WcFBqgE//Vd6SLFAfvCwriz+fVeJH67CD0arv4jbpiuUNPeXKpqTB9LvNkYeIu2wIkmnN3ntPl5eiMxDiI13hjAgMBAAGjUzBRMB0GA1UdDgQWBBT21iruAyUXfw3K02KzqmnIWR8NaDAfBgNVHSMEGDAWgBT21iruAyUXfw3K02KzqmnIWR8NaDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBgQANhGNA95HRnqecAYg1QLXBVEV/ZtaJD7wP1UOxAC1soYuCkqY11DKsBrwvPUqq0hN/+cRvDWlpmUo5/NCjwTpvx6SZB5jBYjpSJ/GrQskeP/nkto7P1SCKBLaYOL1jCkE+zhWnIx61x9Vv9jGs6MhdE6jK6eJHd+oPKEDQ0y7ppCFK6lUenLOuk+PYZCAaLcuGZMzQkBwTFGG2VzDjQoudKVX3xiuSVft92N1ofdUP5YzB8VoAgDDhiSKnkxTI31EJ/iM/++eNz4RSf61K2GRPRXllsnV4rq9QQQedbHk+JW2C5LYMUdRlWhdCJc9HAfuPWSHix6Cxc3nIOPWDsHN3Wp39d73wCaYoyN4V4SECG/IxDxsjOrNFVR4AgCPWni22TJ6Kelhmj6OWVVffou+fPIsJ4dT1BoLdq7Hu929M0hy9Z6/nbs1enhvs5gv7wCUNxIj1P7iomPgZTCyX2QasYHnIssh07XE5HX+euSywEVYv+v6w9Y2hZ4IpTtW6ICI=', 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', 'redirect.sign' => true, 'contacts' => [ [ 'emailAddress' => 'innar@eamt.ee', 'contactType' => 'technical', 'givenName' => 'Innar', ], ], ];
Certificates
Download the X509 certificates as PEM-encoded files.