Zoho Help SP claims no metadata

[Baron Fujimoto]

On Wed, Jun 17, 2020 at 01:22:58AM +0000, Cantor, Scott wrote:
>On 6/16/20, 9:12 PM, "users on behalf of Baron Fujimoto" <users-bounces at shibboleth.net on behalf of baron at hawaii.edu> wrote:
>
>> This query string is coming from the SP? So these are items configured on the SP side of things?
>
>No. It's a web link. You have to put it somewhere.

Ok, so if the SP wants a login URL, that's what they'd used. We can leave it to them to figure out how they want to present it to the user?

>
>> What if the SP wants a specific attribute returned?
>> A typical attribute-filter entry for them where it picks up the Requester value from the providerId for a
>> PolicyRequirementRule?
>
>Yes.
>
>> Or if they want a specific NameIDFormat?
>
>You'd put it in their metadata because that's the proper way to do it regardless.
>
>There is nothing special about it. Every single thing you come up with, the answer is going to be "the same way you would have otherwise", with the exception that instead of "accessing the application" to login, you now have a web link that has to go somewhere and the problem of getting people to know about it.

This whole thread started off because I didn't know what to do with an SP who will not provide metadata. After some digression which I think the gist of was, metadata is not technically required, I tried to come to an understanding of unsolicited SSO. But now it seems like SP's metadata will be necessary after all for the IdP to provide attributes and/or a specific NameIDFormat? And if the SP will not provide the metadta themselves, we'll need to cobble some together for them?

-- 
UH Information Technology Services : Identity & Access Mgmt, Middleware
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum