
Enterprise Authentication: Service Providers which do not support hosted metadata

Article Number : KB0018251
Published on : 2021-04-15
Last modified : 2021-04-15 15:12:03
Knowledge Base : IT Public Self Help

To integrate your application with Enterprise Authentication, the Enterprise Authentication Identity Provider (IdP) needs to consume the metadata of your application's Service Provider (SP).

In many cases, the SP metadata will be hosted on the application itself. This is the best case scenario, and you can provide the metadata URL to the Enterprise Authentication team.

In some cases, however, the SP will generate the metadata but not provide a hosting option.

One possible solution is to share the metadata file with the Enterprise Authentication team via UT Box.

  1. Upload the metadata file to an appropriate location. We recommend that you use a Departmental UTBox Account.
  2. In the Box window, hover over the metadata file.
  3. Click Share. (You can also either click the right mouse button or the ellipsis (...) to access Share.)
  4. In the Share window, if needed, turn on the "Create shared link" feature.
  5. In the Share window, click Link Settings. Box displays the Shared Link Settings window.
  6. In the Shared Link Settings window:
    • The Disable Shared Link on feature should be unchecked.
    • The Password Protect feature should be unchecked.
    • In the Allow Download section, check the box labelled Allow users with the Shared Link to download this item.
    • If this link does not appear, you do not have proper permissions to the folder it is in. The owner of the folder will need to extend you permissions to generate the link, or they can generate the link themselves.
  7. Copy the provided Direct Link URL. (The URL should have ".xml" at the end of it.)
  8. Click Save.
  9. Send the Enterprise Authentication team the URL you copied in step 7 above.

Important notes regarding this approach:

  • Do not set an expiration date for the link. Your application will stop working on that day.
  • Do not password protect the link. Enterprise Authentication will be unable to read your metadata.
  • If you need to update the file, use "Upload New Version" (available in the "..." menu of an item in the web interface), which does not change the file's share URL. Changing the URL will break your integration with Enterprise Authentication.
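
A pre-send check for the link from step 7, written for this rewrite as an added example (it is not part of the original article or any Enterprise Authentication tooling). It assumes the file holds a single SAML 2.0 `EntityDescriptor`; the function name, URLs and sample bodies are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed samples: a direct link serving raw metadata, and a preview link serving HTML.
GOOD_URL = "https://files.example.invalid/shared/static/constructed-id.xml"
GOOD_XML = b"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://app.example.invalid/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" Location="https://app.example.invalid/saml/acs"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""
PREVIEW_URL = "https://files.example.invalid/s/constructed-id"
HTML_PAGE = b"<!DOCTYPE html><html><body>Sign in to continue</body></html>"

def check_shared_metadata(url: str, body: bytes) -> list[str]:
    """Return the problems found; an empty list means the link looks consumable."""
    problems = []
    parsed = urlparse(url)
    if parsed.scheme != "https":
        problems.append("link is not https")
    if not parsed.path.lower().endswith(".xml"):
        problems.append("URL does not end in .xml, so it is probably not the Direct Link")
    # Metadata needs no DTD. Refusing one catches an HTML preview or login page
    # and keeps entity-expansion input away from the XML parser.
    if b"<!DOCTYPE" in body.upper():
        problems.append("body contains a DOCTYPE (HTML page or DTD), not bare metadata")
        return problems
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        problems.append(f"body is not well-formed XML: {exc}")
        return problems
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        problems.append(f"root element is {root.tag}, expected md:EntityDescriptor")
        return problems
    if not root.get("entityID"):
        problems.append("EntityDescriptor has no entityID")
    sp = root.find(f"{{{MD_NS}}}SPSSODescriptor")
    if sp is None:
        problems.append("metadata has no SPSSODescriptor")
    elif sp.find(f"{{{MD_NS}}}AssertionConsumerService") is None:
        problems.append("SPSSODescriptor has no AssertionConsumerService")
    return problems

if __name__ == "__main__":
    print(check_shared_metadata(GOOD_URL, GOOD_XML), check_shared_metadata(PREVIEW_URL, HTML_PAGE))
```

Pass it the bytes returned by the link to a client that is not signed in to Box, since the IdP reads the file without credentials.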

For more information, please reference this documentation from Box:
