Zoho Help SP claims no metadata

Baron Fujimoto baron at hawaii.edu
Wed Jun 17 04:05:43 UTC 2020

On Wed, Jun 17, 2020 at 02:02:00AM +0000, Cantor, Scott wrote:
>On 6/16/20, 9:48 PM, "users on behalf of Baron Fujimoto" <users-bounces at shibboleth.net on behalf of baron at hawaii.edu> wrote:
>> Ok, so if the SP wants a login URL, that's what they'd used. We can leave it to them to figure out how they want to
>> present it to the user?
>No, they will do nothing, I imagine. You have to put it somewhere.
>> This whole thread started off because I didn't know what to do with an SP who will not provide metadata.
>And the answer is that you have to construct it, and there's nothing unusual about that.
>> After some digression which I think the gist of was, metadata is not technically required,
>I saw nothing implying that in this thread, but it's untrue in any event.
>> I tried to come to an understanding of unsolicited SSO. But now it seems like SP's metadata will be necessary after all for
>> the IdP to provide attributes and/or a specific NameIDFormat?
>It's necessary, period, and has nothing to do with whether SSO is normal/solicited or not.

Hmm, well, I did ask directly in my first followup to a response where it was stated that metadata was not required for SAML, "Am I correct that, regardless of this SP's willingness to provide metadata, it will nonetheless be required for configuring the Shib IdP to work with them?" to which I received no confirmation. At any rate, now that this is known, I will pursue that.

UH Information Technology Services : Identity & Access Mgmt, Middleware
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum

More information about the users mailing list