...

One of the first things a prospective Federation participant should do is designate at least two Site Administrators to manage metadata. Beyond the obvious advantage of having a trained backup administrator, multiple Site Administrators have security advantages as well. Like password changes, metadata updates generate email notifications to all designated Site Administrators, which helps prevent both honest mistakes and malicious activity.

...

The importance of a secure, automated metadata refresh process cannot be overemphasized. All participants are strongly encouraged to configure their software to refresh and verify metadata at least daily. An optimal process will attempt to refresh metadata every hour and will intelligently short-circuit that attempt if the metadata file has not changed on the server. This is done using a technique called HTTP Conditional GET.

Read more about Metadata Consumption...
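The refresh loop described above, as an added example that is not part of the original page or of any federation's own tooling: a client sends If-None-Match with the ETag it cached on the last successful fetch, and the server answers 304 with no body when the metadata has not changed. The metadata document, the local stand-in server and the URL path are all constructed for the example; a real client must also verify the XML signature on any freshly fetched body before trusting it.

```python
import hashlib
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample document; stands in for signed federation metadata.
METADATA = b'<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"/>'


def etag_for(body: bytes) -> str:
    """Strong ETag derived from the document content."""
    return '"' + hashlib.sha256(body).hexdigest()[:16] + '"'


class MetadataHandler(BaseHTTPRequestHandler):
    """Minimal local stand-in for a metadata server that honours If-None-Match."""

    def do_GET(self):
        tag = etag_for(METADATA)
        if self.headers.get("If-None-Match") == tag:
            self.send_response(304)  # unchanged: no body is transferred
            self.end_headers()
            return
        self.send_response(200)
        self.send_header("ETag", tag)
        self.send_header("Content-Type", "application/samlmetadata+xml")
        self.send_header("Content-Length", str(len(METADATA)))
        self.end_headers()
        self.wfile.write(METADATA)

    def log_message(self, *args):  # keep the example quiet
        pass


def refresh(url: str, cache: dict) -> str:
    """Conditional GET; returns 'fetched' or 'unchanged' and updates cache in place."""
    req = urllib.request.Request(url)
    if "etag" in cache:
        req.add_header("If-None-Match", cache["etag"])
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            cache["body"] = resp.read()  # verify the XML signature here before use
            cache["etag"] = resp.headers.get("ETag")
            return "fetched"
    except urllib.error.HTTPError as err:
        if err.code == 304:  # urllib raises for 304; the cached copy is still current
            return "unchanged"
        raise


def start_server() -> str:
    """Start the stand-in server on a free loopback port and return its metadata URL."""
    srv = HTTPServer(("127.0.0.1", 0), MetadataHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return f"http://127.0.0.1:{srv.server_port}/metadata.xml"


def demo() -> list:
    """Two hourly attempts in a row: the first downloads, the second short-circuits."""
    url = start_server()
    cache = {}
    return [refresh(url, cache), refresh(url, cache)]
```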

Key Generation

A secure web server typically protects its resources with TLS. To obtain a trusted TLS certificate, an administrator submits a Certificate Signing Request (CSR) to a trusted CA. As part of that process, a private TLS key is generated. This key must be generated securely and kept safe for the entirety of its lifetime. See: TLS Server Certificates

...

Read more about Entity IDs in metadata...

Scope

A Scope is a DNS name suffix appended to so-called scoped attributes (such as eduPersonPrincipalName) that indicates the asserting IdP. Since these attributes are typically used for access control at the SP, they are likewise difficult to change once released into the wild. That's why the best Scope value is the primary domain of the organization. If that changes…well, let's hope that doesn't happen.

...

  1. Do not publish SAML1 endpoints in metadata
  2. Do not publish a SAML2 AttributeService endpoint in metadata
  3. Do not publish SOAP-based endpoints in metadata

Read more about the recommended Protocol Support for New IdPs...