The saml2meta command line interface creates and manages the circles of trust used by the SAML v2 Plug-in for Federation Services. The following table describes the saml2meta subcommands specific to circle of trust management.
Table 3–2 saml2meta Subcommands for Managing Circles of Trust

| Subcommand | Description |
|---|---|
| cotcreate | Creates a circle of trust. |
| cotdelete | Removes a circle of trust. Note – To delete a circle of trust that contains providers, use cotremove to remove each provider first, then use cotdelete to delete the circle itself. |
| cotadd | Adds a trusted provider to an existing circle of trust. Note – cotadd can only add a single entity at a time. Add multiple entities when you first create the circle by using cotcreate and the -l option. |
| cotremove | Removes a trusted provider from an existing circle of trust. |
| cotmember | Lists the member providers in a particular circle of trust. |
| cotlist | Lists all the circles of trust configured on the system. |

The following command example will create a circle of trust:
saml2meta [-i staging-directory] cotcreate -u admin-user -w password -t COT-name -p idp-discovery-URL-path
This second command example will add a trusted provider to an existing circle of trust:
saml2meta [-i staging-directory] cotadd -u admin-user -w password -t COT-name -e entity-ID
This next command example will remove a trusted provider from an existing circle of trust:
saml2meta [-i staging-directory] cotremove -u admin-user -w password -t COT-name -e entity-ID
This command example will list all the providers belonging to an existing circle of trust:
saml2meta [-i staging-directory] cotmember -u admin-user -w password -t COT-name
This last command example will list all the available circles of trust under the instance of the SAML v2 Plug-in for Federation Services:
saml2meta [-i staging-directory] cotlist -u admin-user -w password
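
The note on cotdelete in Table 3–2 implies an ordered teardown: one cotremove per member, then cotdelete. The following is an added example, not part of the original documentation, that prints that command sequence for review without running anything. It assumes cotdelete takes the same -u, -w and -t options as the other subcommands (its synopsis is not shown on this page); the function names, the `SAML2META_PW` variable and the sample entity IDs are hypothetical.

```shell
#!/bin/sh
# Added example: build a reviewable teardown plan for a populated circle of
# trust. Nothing is executed; the function only prints commands in order.

# Single-quote a value so it survives being pasted into a POSIX shell.
shell_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# cot_teardown_plan ADMIN_USER COT_NAME [ENTITY_ID ...]
# Entity IDs are the members reported by cotmember for that circle.
# The password is not embedded in the plan: it references $SAML2META_PW
# (hypothetical name), which the operator sets before running the plan.
cot_teardown_plan() {
    if [ "$#" -lt 2 ] || [ -z "$1" ] || [ -z "$2" ]; then
        echo "usage: cot_teardown_plan admin-user COT-name [entity-ID ...]" >&2
        return 2
    fi
    admin=$(shell_quote "$1")
    cot=$(shell_quote "$2")
    shift 2
    # Validate the whole member list before emitting any command.
    for entity in "$@"; do
        if [ -z "$entity" ]; then
            echo "empty entity ID in member list" >&2
            return 2
        fi
    done
    # Step 1: remove each provider, because the circle must be empty first.
    for entity in "$@"; do
        printf 'saml2meta cotremove -u %s -w "$SAML2META_PW" -t %s -e %s\n' \
            "$admin" "$cot" "$(shell_quote "$entity")"
    done
    # Step 2: delete the empty circle (options assumed, see lead-in).
    printf 'saml2meta cotdelete -u %s -w "$SAML2META_PW" -t %s\n' "$admin" "$cot"
}

# Constructed sample: a circle named "partners" with two made-up members.
cot_teardown_plan admin partners \
    'https://idp.example.com/saml2' 'https://sp.example.org/saml2'
```
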