...
- Participant Operational Practices (POP) IdP Terms of Use
- (see comment below)
- Appropriate Contacts in Metadata
- Security Incident Response Policy
- (see comment below)
- SP Privacy Policy (targeted at the user)
- (see the Participation Agreement for basic requirements)
- SP Privacy Policy (targeted at the user)
- included in User Interface Elements in SP Metadata
- Attribute Release Policy
- Appropriate Contacts in Metadata
- Security Incident Response Attribute Release Policy
Technical Basics
- Service Endpoints in Metadata
- X.509 Certificates in Metadata
- User Interface Elements in IdP/SP Metadata
- Requested Attributes in SP Metadata
- Service Endpoints in Metadata
Operational Maturity
- Metadata Consumption
- Maintaining Supported Software
- Federation User Experience
- Discovery Best Practices SP User Interface Guidance for the flow through SP, DS, IdP
- Visual "branding" Appropriate help links/contacts at each step.
- Error Handling
- Identity attributes
- Regular (event-driven? nightly?) synchronization with systems of record
- Documentation of locally-defined attributes
- Education
- For end-users
- Privacy
- Appropriate use
- Protection of secrets
- For service providers
- Privacy requirements
- Good UI practice
- For end-users
...