By jgarcia - 7/18/2019
I am working in a SAML project (in the SP part) and we just received a Metadata and a .CER from the IdP part.
1. Do we need to send to the IdP part a SP Metadata file?
2. I read in your documents that Metadata files are optional. Where I have to specify the SP information (like EntityID or AssertionConsumerService) if I don't want to use SP Metadata file?
3. In a IdP-Initiated case, when and how the SP send the Metadata to the IdP? Because I have been reading the IdP-Initiated and SP-Initiated flow diagrams (Primer Doc) and there is no communication from SP to IdP (I only saw from IdP to SP).
By ComponentSpace - 7/18/2019
1. We recommend using SAML metadata. If you take a look at our SAML Metadata Guide, you'll see it describes how to create metadata.
2. Using SAML metadata is optional but recommended. The alternative is to communicate your SAML configuration information in some ad hoc manner (eg email, Word document etc).
3. The exchange of SAML metadata occurs prior to SAML SSO and is not involved in any of the SAML SSO flows. The IdP and SP exchange SAML metadata, use this metadata to setup their internal configuration, and then are ready to test SAML SSO.