<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://idportal.ki.se/shibboleth">
<md:Extensions>
<!-- Entity-level extensions: the entity category asserted for this SP, the digest and
     signature algorithms it declares support for, and its federation registration record. -->
<mdattr:EntityAttributes>
<!-- Entity category: REFEDS Data Protection Code of Conduct v2.
     NOTE(review): what an identity provider does with this category (for example,
     attribute release) is decided by its own policy, not by this file. -->
<samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
</samla:Attribute>
</mdattr:EntityAttributes>
<!-- Digest algorithms advertised through the SAML algorithm-support extension. -->
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<!-- NOTE(review): SHA-1 is still advertised as a supported digest. A peer that honours this
     list may select it; confirm whether any partner still needs it and drop it if not. -->
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<!-- Signature algorithms advertised through the same extension (ECDSA, RSA and DSA families). -->
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<!-- NOTE(review): the three entries below are SHA-1 based signature methods; the same
     consideration applies as for the SHA-1 digest above. -->
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<!-- Registration record: which authority registered this entity, when, and under which
     registration policy document. -->
<mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2024-10-08T14:33:36Z">
<mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
</mdrpi:RegistrationInfo>
</md:Extensions>
<md:SPSSODescriptor AuthnRequestsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<!-- User-interface hints for this SP (display name, logo, description, information and
     privacy-statement URLs), each given in English and Swedish.
     NOTE(review): values like these are typically rendered by identity-provider login,
     discovery and consent pages, so treat them as user-facing content when reviewing a
     change. The logo is served from login.ki.se; the other URLs are on idportal.ki.se. -->
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">Karolinska Institutet ID Portal</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">Karolinska Institutet ID-portal</mdui:DisplayName>
<mdui:Logo xml:lang="en" height="100" width="200">https://login.ki.se/images/KI_digital_logotyp_positiv_RGB.svg</mdui:Logo>
<mdui:Logo xml:lang="sv" height="100" width="200">https://login.ki.se/images/KI_digital_logotyp_positiv_RGB.svg</mdui:Logo>
<mdui:Description xml:lang="en">Portal for activating and verifying Karolinska Institutet accounts</mdui:Description>
<mdui:Description xml:lang="sv">Portal för aktivering och verifiering av konton hos Karolinska Institutet</mdui:Description>
<mdui:InformationURL xml:lang="sv">https://idportal.ki.se</mdui:InformationURL>
<mdui:InformationURL xml:lang="en">https://idportal.ki.se</mdui:InformationURL>
<mdui:PrivacyStatementURL xml:lang="sv">https://idportal.ki.se/pp_sv.html</mdui:PrivacyStatementURL>
<mdui:PrivacyStatementURL xml:lang="en">https://idportal.ki.se/pp_en.html</mdui:PrivacyStatementURL>
</mdui:UIInfo>
<!-- Endpoint on the SP that starts a login under the request-initiation profile. -->
<init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://idportal.ki.se/Shibboleth.sso/Login"/>
</md:Extensions>
<!-- Signing key. The enclosing SPSSODescriptor declares AuthnRequestsSigned="1", so this is
     the certificate a peer uses to verify signatures on this SP's requests.
     NOTE(review): KeyName and X509SubjectName are descriptive labels; the certificate bytes
     are what a verifier should match. The encoded data appears to describe a self-issued
     certificate (issuer and subject both CN=kiidacauth01.user.ki.se) valid from 2023-05-11
     to 2033-05-08; confirm by decoding it. With no CA chain, trust in this key rests on the
     integrity of the channel that delivers this metadata. -->
<md:KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:KeyName>kiidacauth01.user.ki.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=kiidacauth01.user.ki.se</ds:X509SubjectName>
<ds:X509Certificate>MIIEFzCCAn+gAwIBAgIUWbtXnGcCOfYvnYQjNa7Vwt1qMcYwDQYJKoZIhvcNAQEL
BQAwIjEgMB4GA1UEAxMXa2lpZGFjYXV0aDAxLnVzZXIua2kuc2UwHhcNMjMwNTEx
MTU0NDU4WhcNMzMwNTA4MTU0NDU4WjAiMSAwHgYDVQQDExdraWlkYWNhdXRoMDEu
dXNlci5raS5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMsNmZx2
aqzGGeChtpT7txj3zdFw6cJdys+sz/qrLms7f8pKfQz5Yupjz5pP3KkTSsxd2+VV
aVqJFUplDBdz1bGptuP+GdgJMusyNIcMWwW3YWy7fK1KgG2Q2CoWChxuidJJdOTz
XDvJcTHxnICJRZ4lSC2VHl8U09+R4Bu7SPh7FnZ9tHAzmF4VsKkF2nvUpa4srspf
QuHyTczjSzcBnoZESHXUE9v3iisovvff6onvjzkLaFqIYlar6a8FXjGPslWnXnLx
4cWOAYV852nV7N5F4hgd13mavM8qYRzjc7QpRDIbNaaV0YhqDi/mq8vk6NIestNs
ZWq1yeI1tA8+D55jrpcME9TyxmXxHAVTZGWL8hdCqn2OZDubujneAQtTp0bVHC8a
8v9yYLM5Epq6VyXswDHeY6+ePE1CDV9Fd3iLmC8aMu7JqfN6HeWEsMXu+7wGYEld
bxp3aLSoE757my9tg7ESmzU1OZ/0QJ8Say0iiMfhKcGiGZ27r5ZRg014/wIDAQAB
o0UwQzAiBgNVHREEGzAZghdraWlkYWNhdXRoMDEudXNlci5raS5zZTAdBgNVHQ4E
FgQUf479m4voB7rtr3nxdxT/ZBjfRHYwDQYJKoZIhvcNAQELBQADggGBAC2fzoih
R4zYq9kch1dCpOfSrglDdkUIvjhntXEi+z7H+5RgpDai33a2LEhTit+yB1Ty7Psh
B0uUbEglTzB+2enGOjwpoYaivFAKQx5zoQqquElIjCzAEghoAmGIgZXhqDKJ/Fzb
MHQjvnG8O2bgJTyJAA5thizdrDETpaXcVov7HfPkldsz5upFHeWELZli4sTQQw6G
eiMzaO8PTcHojV/LinGVzkcUbZHbrFDoD/lgoGhfcE9q5OkU7t/g2ZXSjznvfeFn
zUa9qk2xxB0v1OzbWkp5e+zm6Svop2QWWJ55LSmST6V7TzvIJhrZjnsZMdsSXhCM
W8KQh145QueKB/1vBeFLgo32/TUrrtS6Nttl9owBplMS1QaMIR2XjN+opnoWc5dD
pV7uSAl+gwvp9MP8e4jMGxeLuZYf5MOswJSnpp88wTo+Bhj/Aq87/nnqLGopraQt
PkPLuWupp93CzbD8GdzqwSdTHqroxXck9qvMs2E+Cv3dgcRr/8NpyzSEcw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<!-- Encryption key: identity providers encrypt assertions to this certificate's public key.
     NOTE(review): the certificate data starts differently from the signing certificate's
     (the serial-number bytes differ), so this looks like a separate key pair from the
     signing one; confirm by decoding both. -->
<md:KeyDescriptor use="encryption">
<ds:KeyInfo>
<ds:KeyName>kiidacauth01.user.ki.se</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=kiidacauth01.user.ki.se</ds:X509SubjectName>
<ds:X509Certificate>MIIEFzCCAn+gAwIBAgIUAnopQsUB2Wx1FwGLkYLZd8+I+WIwDQYJKoZIhvcNAQEL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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<!-- Algorithms a peer may use when encrypting to this key: AES-GCM, AES-CBC and 3DES-CBC
     for the data, and two RSA-OAEP variants for key transport. -->
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<!-- NOTE(review): the CBC entries below provide no integrity protection of their own, and
     CBC-mode XML Encryption has known padding-oracle weaknesses; tripledes-cbc is
     additionally a legacy 64-bit block cipher. Confirm whether any peer still needs them
     advertised; the GCM entries above are the authenticated alternative. -->
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<!-- Key transport: only OAEP variants are listed; RSA PKCS#1 v1.5 key transport is absent. -->
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<!-- Protocol endpoints of the SP. Every Location is an https URL under
     idportal.ki.se/Shibboleth.sso.
     NOTE(review): each binding listed is an endpoint that must be reachable and maintained;
     confirm that the SOAP, HTTP-Artifact and PAOS (ECP) endpoints are actually in use
     before continuing to publish them. -->
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idportal.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
<!-- Single logout is offered over four bindings. -->
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idportal.ki.se/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idportal.ki.se/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idportal.ki.se/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idportal.ki.se/Shibboleth.sso/SLO/Artifact"/>
<!-- Subject identifier formats the SP accepts: persistent and transient. -->
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<!-- Assertion consumer services: the locations to which identity providers deliver
     authentication responses. A peer is expected to send responses only to a Location
     listed here, so additions to this list deserve the same scrutiny as a key change. -->
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idportal.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idportal.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idportal.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://idportal.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
<!-- Attributes this SP asks identity providers to release; all three are marked required.
     NOTE(review): norEduPersonNIN carries a national identity number, which is sensitive
     personal data. Check that requesting it is justified by the service's stated purpose
     (account activation and verification) and that it is stored and logged accordingly.
     eduPersonPrincipalName is a user identifier and eduPersonAssurance carries identity
     assurance claims. -->
<md:AttributeConsumingService index="1" isDefault="true">
<md:ServiceName xml:lang="en">ID Portal</md:ServiceName>
<md:ServiceName xml:lang="sv">ID Portal</md:ServiceName>
<md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
<!-- Organization that operates this entity, named in English and Swedish. -->
<md:Organization>
<md:OrganizationName xml:lang="en">Karolinska Institutet</md:OrganizationName>
<md:OrganizationName xml:lang="sv">Karolinska Institutet</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">Karolinska Institutet</md:OrganizationDisplayName>
<md:OrganizationDisplayName xml:lang="sv">Karolinska Institutet</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://ki.se/en</md:OrganizationURL>
<md:OrganizationURL xml:lang="sv">https://ki.se</md:OrganizationURL>
</md:Organization>
<!-- Contacts: technical, support, administrative, and a REFEDS security contact. All four
     use the same mailbox. -->
<md:ContactPerson contactType="technical">
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="administrative">
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
<!-- Security contact, marked with the REFEDS security contactType; this is the address
     other federation members use to report incidents.
     NOTE(review): it is the same self-service mailbox as the support contact. Confirm that
     incident reports sent there reach people able to act on them promptly. -->
<md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
<md:GivenName>Security Response Team</md:GivenName>
<md:EmailAddress>mailto:selfservice@ki.se</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>