Created
May 23, 2018 23:01
-
-
Save ndmanvar/5222333334b8c6e1c5b85e44694b09b3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" ID="_8e843b0b-c296-4e57-a7d7-4ec6ddc1f724" entityID="https://sts.windows.net/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/"> | |
| <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706"> | |
| <KeyDescriptor use="signing"> | |
| <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> | |
| <X509Data> | |
| <X509Certificate>MIIC8DCCAdigAwIBAgIQOqpXXX/WqqRK2f2fwUSQ3TANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0xODA1MjMxNjQxMzVaFw0yMTA1MjMxNjQxMzVaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYy3nufhxToFxt98nkNZyYNwX6nymBaja4zr3V4jlhnrf6C75omOwRYcs7MR3ENeFexudasXqernoKodHgl+/HFpFXL1uputm4ouYINunpjMrirUMfuYOcMWTGKAInzuEH2eHSCXVachD2sYNIOR9WqttVQvDTVZrkARHW9x7GcFefwzvT61LkbC+mBQm/XfauKy1B8tFEBL48AcdWjbS0BDROANjNKrBVy9U7ozOnCuymYY5gRFDvCSZvKWeEpJj9cgwkgpAmfWgXv1HiCJrVFpxE3eRPh+2fgMyd+jeBf2PdZPlyxsrHA+507BZCLFQ0Ah9SHnEYMSuIuSVbQOBQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBc+6x7vaSCu0gh92HKGTxwc/3AkE0ddISG5mFyk5iOWs129R9bJ7ZE25XLsF/xysfWnLSo1p0gIoyV1+EkgAzaznA0RsUHIXRkMmH+oSYrDRocBZAGddHP2nMnkfgFQgQDjvOhTvgXspnjKawJvPQ/g6p1Xpnnb4HTcudR6h917061W519o7rBZo4QWKv3erPhkeioQz8YETi+29SoHSUn8T3421V5q1Da4VOd0UHj8qQxasW+ba4bUXYKF83cjwSXd0WmmTyzpdKqPTc/o+jP5rjRtwOHVGgZiLGMhC7i7X2XRfVTI7TohVbcPCsRWeY4WNgE3xy6lKQvUf5XNsTw</X509Certificate> | |
| </X509Data> | |
| </KeyInfo> | |
| </KeyDescriptor> | |
| <fed:ClaimTypesOffered> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true"> | |
| <auth:DisplayName>Name</auth:DisplayName> | |
| <auth:Description>The mutable display name of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true"> | |
| <auth:DisplayName>Subject</auth:DisplayName> | |
| <auth:Description>An immutable, globally unique, non-reusable identifier of the user that is unique to the application for which a token is issued.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true"> | |
| <auth:DisplayName>Given Name</auth:DisplayName> | |
| <auth:Description>First name of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true"> | |
| <auth:DisplayName>Surname</auth:DisplayName> | |
| <auth:Description>Last name of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/displayname" Optional="true"> | |
| <auth:DisplayName>Display Name</auth:DisplayName> | |
| <auth:Description>Display name of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/nickname" Optional="true"> | |
| <auth:DisplayName>Nick Name</auth:DisplayName> | |
| <auth:Description>Nick name of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true"> | |
| <auth:DisplayName>Authentication Instant</auth:DisplayName> | |
| <auth:Description>The time (UTC) when the user is authenticated to Windows Azure Active Directory.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true"> | |
| <auth:DisplayName>Authentication Method</auth:DisplayName> | |
| <auth:Description>The method that Windows Azure Active Directory uses to authenticate users.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/objectidentifier" Optional="true"> | |
| <auth:DisplayName>ObjectIdentifier</auth:DisplayName> | |
| <auth:Description>Primary identifier for the user in the directory. Immutable, globally unique, non-reusable.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/tenantid" Optional="true"> | |
| <auth:DisplayName>TenantId</auth:DisplayName> | |
| <auth:Description>Identifier for the user's tenant.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/identityprovider" Optional="true"> | |
| <auth:DisplayName>IdentityProvider</auth:DisplayName> | |
| <auth:Description>Identity provider for the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true"> | |
| <auth:DisplayName>Email</auth:DisplayName> | |
| <auth:Description>Email address of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groups" Optional="true"> | |
| <auth:DisplayName>Groups</auth:DisplayName> | |
| <auth:Description>Groups of the user.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/accesstoken" Optional="true"> | |
| <auth:DisplayName>External Access Token</auth:DisplayName> | |
| <auth:Description>Access token issued by external identity provider.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/expiration" Optional="true"> | |
| <auth:DisplayName>External Access Token Expiration</auth:DisplayName> | |
| <auth:Description>UTC expiration time of access token issued by external identity provider.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/identity/claims/openid2_id" Optional="true"> | |
| <auth:DisplayName>External OpenID 2.0 Identifier</auth:DisplayName> | |
| <auth:Description>OpenID 2.0 identifier issued by external identity provider.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/claims/groups.link" Optional="true"> | |
| <auth:DisplayName>GroupsOverageClaim</auth:DisplayName> | |
| <auth:Description>Issued when number of user's group claims exceeds return limit.</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true"> | |
| <auth:DisplayName>Role Claim</auth:DisplayName> | |
| <auth:Description>Roles that the user or Service Principal is attached to</auth:Description> | |
| </auth:ClaimType> | |
| <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/wids" Optional="true"> | |
| <auth:DisplayName>RoleTemplate Id Claim</auth:DisplayName> | |
| <auth:Description>Role template id of the Built-in Directory Roles that the user is a member of</auth:Description> | |
| </auth:ClaimType> | |
| </fed:ClaimTypesOffered> | |
| <fed:SecurityTokenServiceEndpoint> | |
| <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> | |
| <Address>https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/wsfed</Address> | |
| </EndpointReference> | |
| </fed:SecurityTokenServiceEndpoint> | |
| <fed:PassiveRequestorEndpoint> | |
| <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> | |
| <Address>https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/wsfed</Address> | |
| </EndpointReference> | |
| </fed:PassiveRequestorEndpoint> | |
| </RoleDescriptor> | |
| <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706"> | |
| <KeyDescriptor use="signing"> | |
| <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> | |
| <X509Data> | |
| <X509Certificate>MIIC8DCCAdigAwIBAgIQOqpN68/WqqRK2f2fwUSQ3TANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0xODA1MjMxNjQxMzVaFw0yMTA1MjMxNjQxMzVaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYy3nufhxToFxt98nkNZyYNwX6nymBaja4zr3V4jlhnrf6C75omOwRYcs7MR3ENeFexudasXqernoKodHgl+/HFpFXL1uputm4ouYINunpjMrirUMfuYOcMWTGKAInzuEH2eHSCXVachD2sYNIOR9WqttVQvDTVZrkARHW9x7GcFefwzvT61LkbC+mBQm/XfauKy1B8tFEBL48AcdWjbS0BDROANjNKrBVy9U7ozOnCuymYY5gRFDvCSZvKWeEpJj9cgwkgpAmfWgXv1HiCJrVFpxE3eRPh+2fgMyd+jeBf2PdZPlyxsrHA+507BZCLFQ0Ah9SHnEYMSuIuSVbQOBQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBc+6x7vaSCu0gh92HKGTxwc/3AkE0ddISG5mFyk5iOWs129R9bJ7ZE25XLsF/xysfWnLSo1p0gIoyV1+EkgAzaznA0RsUHIXRkMmH+oSYrDRocBZAGddHP2nMnkfgFQgQDjvOhTvgXspnjKawJvPQ/g6p1Xpnnb4HTcudR6h917061W519o7rBZo4QWKv3erPhkeioQz8YETi+29SoHSUn8T3421V5q1Da4VOd0UHj8qQxasW+ba4bUXYKF83cjwSXd0WmmTyzpdKqPTc/o+jP5rjRtwOHVGgZiLGMhC7i7X2XRfVTI7TohVbcPCsRWeY4WNgE3xy6lKQvUf5XNsTw</X509Certificate> | |
| </X509Data> | |
| </KeyInfo> | |
| </KeyDescriptor> | |
| <fed:TargetScopes> | |
| <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> | |
| <Address>https://sts.windows.net/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/</Address> | |
| </EndpointReference> | |
| </fed:TargetScopes> | |
| <fed:ApplicationServiceEndpoint> | |
| <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> | |
| <Address>https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/wsfed</Address> | |
| </EndpointReference> | |
| </fed:ApplicationServiceEndpoint> | |
| <fed:PassiveRequestorEndpoint> | |
| <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> | |
| <Address>https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/wsfed</Address> | |
| </EndpointReference> | |
| </fed:PassiveRequestorEndpoint> | |
| </RoleDescriptor> | |
| <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> | |
| <KeyDescriptor use="signing"> | |
| <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> | |
| <X509Data> | |
| <X509Certificate>MIIC8DCCAdigAwIBAgIQOqpN68/WqqRK2f2fwUSQ3TANBgkqhkiG9w0BAQsFADXXXXwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0xODA1MjMxNjQxMzVaFw0yMTA1MjMxNjQxMzVaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYy3nufhxToFxt98nkNZyYNwX6nymBaja4zr3V4jlhnrf6C75omOwRYcs7MR3ENeFexudasXqernoKodHgl+/HFpFXL1uputm4ouYINunpjMrirUMfuYOcMWTGKAInzuEH2eHSCXVachD2sYNIOR9WqttVQvDTVZrkARHW9x7GcFefwzvT61LkbC+mBQm/XfauKy1B8tFEBL48AcdWjbS0BDROANjNKrBVy9U7ozOnCuymYY5gRFDvCSZvKWeEpJj9cgwkgpAmfWgXv1HiCJrVFpxE3eRPh+2fgMyd+jeBf2PdZPlyxsrHA+507BZCLFQ0Ah9SHnEYMSuIuSVbQOBQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBc+6x7vaSCu0gh92HKGTxwc/3AkE0ddISG5mFyk5iOWs129R9bJ7ZE25XLsF/xysfWnLSo1p0gIoyV1+EkgAzaznA0RsUHIXRkMmH+oSYrDRocBZAGddHP2nMnkfgFQgQDjvOhTvgXspnjKawJvPQ/g6p1Xpnnb4HTcudR6h917061W519o7rBZo4QWKv3erPhkeioQz8YETi+29SoHSUn8T3421V5q1Da4VOd0UHj8qQxasW+ba4bUXYKF83cjwSXd0WmmTyzpdKqPTc/o+jP5rjRtwOHVGgZiLGMhC7i7X2XRfVTI7TohVbcPCsRWeY4WNgE3xy6lKQvUf5XNsTw</X509Certificate> | |
| </X509Data> | |
| </KeyInfo> | |
| </KeyDescriptor> | |
| <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/saml2" /> | |
| <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/saml2" /> | |
| <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.microsoftonline.com/7caf3409-bef6-4552-b9e8-27bfaf66eb0c/saml2" /> | |
| </IDPSSODescriptor> | |
| </EntityDescriptor> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment