Instructions on how to install the SAML v2 IDP Discovery Service can be found in Installing the SAML v2 IDP Discovery Service. You should also be familiar with The saml2meta Command-line Reference as well as Table 3–2.
Delete the current circle of trust configuration using saml2meta, if applicable.
Create a new circle of trust configuration using saml2meta and the cotcreate subcommand.
saml2meta [-i staging-directory] cotcreate -u admin-user -w password -t COT-name -p idp-discovery-URL-path
Make sure to specify the full path to where the SAML v2 Plug-in for Federation Services is deployed using the -p option.
Add member providers to the new circle of trust using saml2meta and the cotadd subcommand.
saml2meta [-i staging-directory] cotadd -u admin-user -w password -t COT-name -e entity-ID
cotadd can only add a single provider at a time using the -e option. To add a group of providers, you can use the -l option with cotcreate in the previous step.
Verify that all member providers have been added to the circle using saml2meta and the cotlist subcommand.
saml2meta [-i staging-directory] cotlist -u admin-user -w password
Service providers will be redirected to the SAML v2 IDP Discovery Service Reader URL during single sign-on.