Changing IDP Metadata Cert

Cantor, Scott cantor.2 at
Tue Aug 16 23:47:12 UTC 2022

On 8/16/22, 4:24 PM, "users on behalf of Jason Rotunno via users" <users-bounces at on behalf of users at> wrote:

>    Thanks, Scott. That's actually helpful.

Well, at least not wasted time then.

The problem is that the "best" ways to tackle the whole problem involve some pretty advanced approaches to configuring the IdP that we need to put together more how-tos on because it's very hard to get across what you can do with the system in a simple email.

Basically it's possible to construct beans that represent the security configuration, including the signing key, and you can attach tags to the metadata for SPs that identify which security config to use, or default to the standard one.

That's where you want to be and we probably need to start shipping some defaults that lay all that out so it's easier to adopt that approach.

-- Scott

More information about the users mailing list