Download Provider Metadata

This page will walk you through the steps required to download both the SAML 2.0 Identity Provider (IDP) and Service Provider (SP) metadata from Monokee. SAML 2.0 metadata is an XML document that contains information about the configuration and endpoints of a SAML 2.0 IDP or SP. The metadata document provides a standardized way for IDPs and SPs to exchange information about their SAML 2.0 configuration, allowing them to establish trust and enabling SSO (Single Sign-On) between them.

SAML 2.0 metadata typically includes information such as the entity ID of the IDP or SP, the location of the SAML 2.0 endpoint, the public key certificate used to sign SAML messages, and other metadata elements that may be required for SSO. The metadata may also include additional attributes or elements that provide more detailed information about the entity, such as contact information or name formats.

SAML 2.0 metadata is a crucial component in setting up SSO between IDPs and SPs, as it enables both parties to exchange the necessary information for establishing trust and securely transmitting authentication and authorization data.

In Monokee, the metadata exchange process simplifies both the creation and configuration of SAML 2.0 applications and the use of external SAML 2.0 IDPs in the Visual Identity Orchestrator (VIO) flows. With Monokee, you can easily download the necessary metadata files for your IDP or SP, eliminating the need for manual configuration of endpoints and other SAML parameters.

The following steps will guide you through downloading SAML 2.0 provider metadata:

  1. Navigate to your Monokee custom fully qualified domain name (FQDN) or, if you haven't set up a custom FQDN, go to Monokee's default page and enter your domain ID. Then, enter your login credentials to access your account.

  2. Open the left sidebar and select SAML Providers from the menu.

  3. This will display a two-tab page. Choose the tab associated with the desired provider: IDENTITY PROVIDERS or SERVICE PROVIDERS.

  4. Select the accordion of the IDP or SP of interest and click on the Cloud Icon on the right side of the screen. A modal will open in which you can choose whether to sign the metadata. If you flag the Request signed metadata checkbox, you will be able to choose the signing algorithm from http://www.w3.org/2000/09/xmldsig#rsa-sha1, http://www.w3.org/2001/04/xmldsig-more#rsa-sha256, http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 and http://www.w3.org/2001/04/xmldsig-more#rsa-sha512. In most cases it is not necessary to sign the metadata.

  5. After configuring or skipping the signature options, click on the Download button located at the bottom right of the modal to download the metadata in XML format.

If you flag the Display metadata checkbox on your IDP or SP, you can also download the public metadata from a URL of the following form:

https://<(new.monokee.com/<domain_id>|<domain-custom-fqdn>)>/<(idp|sp)>/saml/2.0/<provider_id>/metadata?signed=<(true|false)>&sigAlg=<(http://www.w3.org/2000/09/xmldsig#rsa-sha1|http://www.w3.org/2001/04/xmldsig-more#rsa-sha256|http://www.w3.org/2001/04/xmldsig-more#rsa-sha384|http://www.w3.org/2001/04/xmldsig-more#rsa-sha512)>
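As an added example (not Monokee code), the following Python inspects a downloaded metadata file before it is imported by the other party: it extracts the entity ID, endpoints and signing-certificate fingerprints that the metadata carries, and flags an rsa-sha1 signature (SHA-1 is deprecated for digital signatures) or a non-HTTPS endpoint. The sample document, the `inspect_metadata` name and the `pinned_sha256` parameter are assumptions; the code reads the declared signature algorithm only and does not verify the signature, which requires an XML-DSig library.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET  # for untrusted input, prefer the defusedxml package

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"

# Constructed sample: entity ID, endpoint and certificate bytes are placeholders.
FAKE_CERT = base64.b64encode(b"constructed-placeholder-certificate").decode()
SAMPLE = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/saml">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="{RSA_SHA1}"/>
  </ds:SignedInfo></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{FAKE_CERT}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://idp.example.test/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def inspect_metadata(xml_text, pinned_sha256=None):
    """Summarise one EntityDescriptor and list findings worth reviewing."""
    root = ET.fromstring(xml_text)
    findings = []
    # Declared signature algorithm, present only when signed metadata was requested.
    method = root.find("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)
    sig_alg = method.get("Algorithm") if method is not None else None
    if sig_alg == RSA_SHA1:
        findings.append("metadata signed with rsa-sha1")
    # SHA-256 fingerprints of signing certificates (no "use" means signing and encryption).
    certs = []
    for kd in root.iterfind(".//md:KeyDescriptor", NS):
        if kd.get("use") in (None, "signing"):
            for cert in kd.iterfind(".//ds:X509Certificate", NS):
                der = base64.b64decode("".join(cert.text.split()))
                certs.append(hashlib.sha256(der).hexdigest())
    # Compare against a fingerprint obtained out of band, if one was supplied.
    if pinned_sha256 and pinned_sha256 not in certs:
        findings.append("signing certificate does not match pinned fingerprint")
    endpoints = [e.get("Location") for e in root.iter() if e.get("Location")]
    findings += [f"non-HTTPS endpoint: {u}" for u in endpoints
                 if not u.startswith("https://")]
    return {"entity_id": root.get("entityID"), "sig_alg": sig_alg,
            "cert_sha256": certs, "endpoints": endpoints, "findings": findings}
```

Pinning the fingerprint matters most for unsigned metadata fetched from the public URL, where the transport is the only protection of the certificate it carries.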