Starting with version 2.2.0, aggregated SAML metadata can be imported. Aggregated metadata is a XML document containing metadata from multiple Identity Providers and/or Service Providers.

To import aggregated metadata, enter the URL to the document in the Aggregated Metadata field Common Metadata URL in the tab Advanced and click Merge Metadata. After importing, the configuration must be saved to be applied.

Multiple dP import

For each IdP found in this metadata, the following happens:

  • If there is no IdP configured with the current Entity Id, a new IdP configuration is added. The name is generated using the metadata's organization attribute. This name is not changed on following imports.
  • If there is already an IdP configuration present with the current Entity Id, this configuraton is updated using the metadata. This explicitly includes the URLs and certificates.

So the import can be repeated anytime to update all contained IdPs, e.g. to update renewed certificates. Currently, the metadata needs to be updated manually, automatic refresh of metadata is not implemented yet.

The import has been tested with containing 54 Identity Providers during the test.

Adding a high number of Identity Providers slows down the administration page. We strongly recommmend testing the import of aggregated metadata in a staging environment before importing it on a live system.