metadata/swamid-2.0/scim.lab.swamid.se-shibboleth.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" entityID="https://scim.lab.swamid.se/shibboleth">
  <md:Extensions>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
    <mdattr:EntityAttributes>
      <samla:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <samla:AttributeValue>https://refeds.org/category/code-of-conduct/v2</samla:AttributeValue>
      </samla:Attribute>
    </mdattr:EntityAttributes>
    <mdrpi:RegistrationInfo registrationAuthority="http://www.swamid.se/" registrationInstant="2023-04-21T07:55:49Z">
      <mdrpi:RegistrationPolicy xml:lang="en">http://swamid.se/policy/mdrps</mdrpi:RegistrationPolicy>
    </mdrpi:RegistrationInfo>
  </md:Extensions>
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:Extensions>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://scim.lab.swamid.se/Shibboleth.sso/Login"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://scim.lab.swamid.se/Shibboleth.sso/Login" index="1"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://scim.lab.swamid.se/Shibboleth.sso/DS/seamless-access"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://scim.lab.swamid.se/Shibboleth.sso/DS/seamless-access" index="2"/>
      <init:RequestInitiator Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://scim.lab.swamid.se/Shibboleth.sso/DS/thiss.io"/>
      <idpdisc:DiscoveryResponse Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://scim.lab.swamid.se/Shibboleth.sso/DS/thiss.io" index="3"/>
      <mdui:UIInfo>
        <mdui:Description xml:lang="en">This is a service for handling SCIM data.</mdui:Description>
        <mdui:Description xml:lang="sv">Detta är en tjänst för att hantera SCIM data.</mdui:Description>
        <mdui:DisplayName xml:lang="en">SCIM admin tool - lab</mdui:DisplayName>
        <mdui:DisplayName xml:lang="sv">SCIM admin tool - lab</mdui:DisplayName>
        <mdui:InformationURL xml:lang="en">https://scim.lab.swamid.se/</mdui:InformationURL>
        <mdui:InformationURL xml:lang="sv">https://scim.lab.swamid.se/</mdui:InformationURL>
        <mdui:PrivacyStatementURL xml:lang="en">https://scim.lab.swamid.se/?Privacy</mdui:PrivacyStatementURL>
        <mdui:PrivacyStatementURL xml:lang="sv">https://scim.lab.swamid.se/?Privacy</mdui:PrivacyStatementURL>
        <mdui:Logo xml:lang="en" height="205" width="256">https://static.sunet.se/images/sunet256.png</mdui:Logo>
        <mdui:Logo xml:lang="sv" height="205" width="256">https://static.sunet.se/images/sunet256.png</mdui:Logo>
      </mdui:UIInfo>
    </md:Extensions>
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo>
        <ds:KeyName>scim.lab.swamid.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=scim.lab.swamid.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIFCDCCAvCgAwIBAgIUdyrd+Z46CDmckb1P1WWx/+tqldEwDQYJKoZIhvcNAQEL
BQAwHTEbMBkGA1UEAxMSc2NpbS5sYWIuc3dhbWlkLnNlMB4XDTIzMDQyMDExMzgx
NVoXDTMzMDQxNzExMzgxNVowHTEbMBkGA1UEAxMSc2NpbS5sYWIuc3dhbWlkLnNl
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5CKHJMEklt8Mxz/6mBPf
rkRPsCxoinrCHyZG3Z3gM0yDAFv0qL2i1xdsbEpKhnxiWwD3JbT4mmJL+sjLjCkK
6r2/oirxonXOHVOGwcuDZxGf+JXDERMADPHMHe3n8bvLkrrb4RxmKFk8k2yhThxp
ABCerDaF7HCxvGp2mziGM8tzA5O7n1lUcMqST3jyFrChhaIHodCTrC9IOLrRg60x
3pAUXfB+lpmgXczl4WDwrymwLM/zYKX2Hd4UyZCUo/DpUtfJqM1+SjZYKiCzAW0A
rq7uAU3feXqITViIYvrc+hf1lxGFwzJHozPEnqO3O3DB3Sac21YkVIw/UYKtu7D1
flbOIoOvV842Sj6Up6AaCiAofGuqbPpmX4endJI51jG224bxDGzOPCUayvsn30PQ
b5f4Uu9S/P5kGb+lv6Z/8VP+papmDrKgSo4XhVgXPecohaNkg0yeXzWWNTLEewru
CyqXKaReMLSTZSC1MpJ99UfMpeF6beTpO9VplzSbH2XPATlJKw3KtQmlBnEZy62Z
9WFqorBpfxL4TQNJgAYtBQrhNEsPO0SkctZWV/9NGdDkc7d7pUTFTFKqRLlzNZJP
ydv3nI1CqNy0aYEqIlj4G+yvGAdGWcSaukSI1tdBbI0OQ+DwmMa5wftasjJrFQR2
93yhctuGGMvj+MhhLJy6kqsCAwEAAaNAMD4wHQYDVR0RBBYwFIISc2NpbS5sYWIu
c3dhbWlkLnNlMB0GA1UdDgQWBBQZ/2PTyosqJ9VE11B2xYQdJyKt4TANBgkqhkiG
9w0BAQsFAAOCAgEAYBFQpbYKMhwLjGWL4ZCsWi9qdyKlH66bOv8DUVoAWbeK9zTA
Kv9slU/gLFz1R7XkoZQUJaCFFxiPaYSWY1TGr577ORbQcVqpPzq+IMnPQaFsxwwV
DU4CDSkz5qE2KuzmSt+Bso+asrqjdCmUbS9flNxj/P3z0E99aawenvgCkTSZ1r7n
RmtTxF2hKCj+ASWRP/QTUfpfq/QaV0kibRicySUkuf1nZQcqa8ShSADpJP9WyK2I
bGp+H1MC8PoRWPHTtkx4WRrID0bpTN86xk+759WZt68FzKVCwLBLrdlQbuPqtEVc
hrNfpL9rPxZULopo7hDodhbNo2iHk5/7zArJDvn0InZ3TEtQRwz64GUNs2Y7C0S9
bwQo6yBXoF0i073bgSK8hE1Wcr9SeMwQrqjih0F5mvaDiFf4/TEWQLVx0247F1F1
nnPrxXN/NNu78kjTMAJS7PYrLTIxr1UMrKaYMlpdlY2ErhtT3tm3qnSTzNk+KaEq
Ff0ktzCxEB0SivQ9plaOaVhZ+ESOh6x47TxkuTBbszBI4XcYkF39osGzH7OePaJo
FRiSpbfoWQ8YbVgYsajUMM6DgYKQhz8am39gn1hZUn8AclfDlHVGcM9aMi9g3geu
wH+qDF9OJOxRiBjc2hHKsfrW45Z4TATe+3MiuAIInyrUwUryjDhWZlYThyo=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo>
        <ds:KeyName>scim.lab.swamid.se</ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=scim.lab.swamid.se</ds:X509SubjectName>
          <ds:X509Certificate>MIIFCDCCAvCgAwIBAgIUUxdCyA58XxQpLFJYKV7S7SVovpswDQYJKoZIhvcNAQEL
BQAwHTEbMBkGA1UEAxMSc2NpbS5sYWIuc3dhbWlkLnNlMB4XDTIzMDQyMDExMzgx
N1oXDTMzMDQxNzExMzgxN1owHTEbMBkGA1UEAxMSc2NpbS5sYWIuc3dhbWlkLnNl
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm9Pr4qIx+Ksql/9K7Yk8
Vf/KdX1IFoRAX4ZO4qZMRk13SiOXNJTZ1Tq8V+x34G8j1rYM9elcCtmVwgjmpBhE
IcwzU6H7O6XNJl3jARdY2Jx0fvYucIhy54jHO3eQryCPPSW/DevyHlytlBhDVKRK
SAwcEUFlr/w3rRt28TTQMOVtrUyH8ed0G2bAA0F3ER+iAu41AszEjBNOBu76NQRT
A4SK35b4IbBWUSkBEW0fLZXHCv0/SGsMBj671yoIC7PLx9gNDXiv/4pGupNwtvYl
/3qzzyXQN9qhZWNfM0UZhSzWW2mmSSZkNqUyna2ZmYfeUIsL0QSfMacWOYvYS3Vc
9mtxd8jzuhzWjXqc3GrMeOH8f7VSXn6LntxG/lQPlA8HSnwMGOivxJHXkcnRHvJx
UHpLx93pE1C/8uInqBCX1l0sn2I7wNjpVOpC4hZck6r1CJcsfy7LWzAf14twExKC
uHfUF+jtPjBJcYaQ+Tij0n+qf/6xQKKUH1s8jADmv+ZNos/Ru1I5IWDwf+Yds2uS
RqIRejz+/JmKfUubRvNYCqWHnkn5NJHYSgRQKvAR4mk+Wr0nGnUfQEGcl0TAiNAu
inao0iMPeGGBH/eAaVlVz9unps7rk+TWdVGcoHlyaPSOkIqkDX02v+fQHDC+L7s2
sQCVB+QXguDOlAO4sCz68E8CAwEAAaNAMD4wHQYDVR0RBBYwFIISc2NpbS5sYWIu
c3dhbWlkLnNlMB0GA1UdDgQWBBRwXVeOzc40PQ2YjyW4ruNZwxqoYTANBgkqhkiG
9w0BAQsFAAOCAgEAcwIJwCVB2oxZ55ebkxL7fiVOaCpqWZ8SoiJyhp9kljKj1EFI
WzkRM5D3fU/ryJKdwhBJVdmUkoZa5oseo/FWKiqqeQXGI/ebWXZKnQ92S60dQxpu
wX7N8/dcoXVEUyovhKrN3VZuBFuhTn5vkbdUTU1kSfg0ZFDDprmZ4kre9LDZj+V6
mL5+Tr4oEcR91NedmSlAdnIcVzVUDktoms+C1Io0eijqA3lXIN972rxIdzZmmm7x
/qTv0UFbOeJU7/p/frTWE9eRtYXshffwfVdLE5pzKqfehmaqenr9MiINhyb8hPz0
sz3aST/0/KuItrAweuTBl5Ngiu4IfWZJm61ywTanpgjRDpr8lZcZweMAJNOLNCQS
AEJBImpn3+G5eRNDat5KpzvycxVZloa+BSMee/d0KhaE3Zs7uzBX6slpr3GCUPfQ
NL5ZeU3g18/5WYizu3hFVKciruXm8IDqzznKvbBLQ0XO9rkmJ0F8HrvoRrjsEqUh
OtTaKSPjccZL0PNEkdnB5KPNbBNgSOduo31TCxDMzhwNrPHmMvtRqf5M9xtF+LB/
V1amQU+C/JUYxA0YERnfx8BeDV9QaIU+bU/SjpbozS8PeHpg/hBSD66W2GoR0wcq
8ZMU1omZ/C6soxRm9x4iwuHIZgOyy/CczrLaN/auR7w8hstCCjaEyZVY8xs=</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://scim.lab.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://scim.lab.swamid.se/Shibboleth.sso/SLO/SOAP"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://scim.lab.swamid.se/Shibboleth.sso/SLO/Redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://scim.lab.swamid.se/Shibboleth.sso/SLO/POST"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://scim.lab.swamid.se/Shibboleth.sso/SLO/Artifact"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://scim.lab.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://scim.lab.swamid.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://scim.lab.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://scim.lab.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/>
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">SCIM admin</md:ServiceName>
      <md:ServiceName xml:lang="sv">SCIM admin</md:ServiceName>
      <md:RequestedAttribute FriendlyName="eduPersonAssurance" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.11" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonPrincipalName" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonScopedAffiliation" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mailLocalAddress" Name="urn:oid:2.16.840.1.113730.3.1.13" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="schacDateOfBirth" Name="urn:oid:1.3.6.1.4.1.25178.1.2.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="norEduPersonNIN" Name="urn:oid:1.3.6.1.4.1.2428.90.1.5" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en">The Swedish Research Council</md:OrganizationName>
    <md:OrganizationName xml:lang="sv">Vetenskapsrådet</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
    <md:OrganizationDisplayName xml:lang="sv">Swedish Academic Identity Federation (SWAMID)</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en">http://www.swamid.se</md:OrganizationURL>
    <md:OrganizationURL xml:lang="sv">http://www.swamid.se</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="administrative">
    <md:GivenName>SWAMID Operations</md:GivenName>
    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="support">
    <md:GivenName>SWAMID Operations</md:GivenName>
    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="technical">
    <md:GivenName>SWAMID Operations</md:GivenName>
    <md:EmailAddress>mailto:operations@swamid.se</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson xmlns:remd="http://refeds.org/metadata" contactType="other" remd:contactType="http://refeds.org/metadata/contactType/security">
    <md:GivenName>Security Response Team</md:GivenName>
    <md:EmailAddress>mailto:abuse@sunet.se</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>