Establishing trust between federation partners is a prerequisite for performing any federation SSO operation between federation servers. Establishing trust involves exchanging certificate information (when the protocol relies on PKI X.509 certificates to secure message exchanges) as well as the locations and URLs of the services that implement the federation protocol. You can create a service provider SAML 2.0 metadata file in XML format, for use by the IdP, that contains information about the profiles the service provider supports. Sites acting as identity providers can import this metadata file to establish a relationship with the service provider.
To export SAML 2.0 service provider metadata:
- In the Launch Pad tab, under Configuration, click Federation Settings.
- In the Federation Settings tab, under General, click Export SAML 2.0 Metadata...
- For later use, record the location to which you export the SAML 2.0 metadata.
- Provide the metadata file to the IdP when establishing a service provider partner.
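
A check to run on the exported file before handing it to the IdP, as an added example that is not part of the original documentation: it lists the certificates and service URLs the metadata carries, computes a SHA-256 fingerprint of each certificate so both sides can confirm it out of band, and flags endpoints not served over HTTPS. The sample metadata, entity ID, URLs and the function name `summarize_sp_metadata` are assumptions constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder bytes stand in for a DER certificate, and the
# entity ID and URLs are invented. Read your own exported file in practice.
PLACEHOLDER_DER = b"constructed placeholder, not a real certificate"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}"
    xmlns:ds="{NS['ds']}" entityID="https://sp.example.com/fed/sp">
 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
   {base64.b64encode(PLACEHOLDER_DER).decode()}
  </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  <md:AssertionConsumerService index="0" Location="https://sp.example.com/fed/sp/acs"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  <md:SingleLogoutService Location="http://sp.example.com/fed/sp/slo"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
 </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def summarize_sp_metadata(xml_text):
    """Return entity ID, certificate fingerprints, endpoints and non-HTTPS URLs."""
    root = ET.fromstring(xml_text)  # our own export; use a hardened parser for partner files
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not service provider metadata")
    certs = []
    for kd in sp.findall("md:KeyDescriptor", NS):
        node = kd.find(".//ds:X509Certificate", NS)
        if node is None or not (node.text or "").strip():
            continue
        der = base64.b64decode("".join(node.text.split()))  # drop wrapping whitespace
        # A KeyDescriptor without a "use" attribute applies to signing and encryption.
        certs.append((kd.get("use", "signing+encryption"), hashlib.sha256(der).hexdigest()))
    # Every child carrying a Location attribute is a protocol endpoint (ACS, SLO, ...).
    endpoints = [(el.tag.split("}")[1], el.get("Binding"), el.get("Location"))
                 for el in sp if el.get("Location")]
    insecure = [loc for _, _, loc in endpoints if not loc.lower().startswith("https://")]
    return {"entity_id": root.get("entityID"), "certs": certs,
            "endpoints": endpoints, "insecure": insecure}

if __name__ == "__main__":
    report = summarize_sp_metadata(SAMPLE_METADATA)
    print("entityID:", report["entity_id"])
    for use, fingerprint in report["certs"]:
        print(f"certificate ({use}) sha256 = {fingerprint}")
    for url in report["insecure"]:
        print("WARNING: endpoint not served over HTTPS:", url)
```

The fingerprint covers the certificate bytes embedded in the metadata, so the IdP administrator can compare it with the value you read from your own copy of the file.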