sp services limit
cantor.2 at osu.edu
Fri Apr 8 15:16:08 EDT 2016
> That's self-contradicting. You say the SP has many entityIDs, so if that's true,
> each SSO role in metadata would not need a lot of endpoints.
My underlying point is that validating endpoints isn't terribly efficient in the IdP if it's walking a list of 500 of them, though it wouldn't be noticeable until you get bigger I imagine. If you're going to do that, just sign your requests and skip the endpoint validation in the IdP.
More information about the users